Path: utzoo!utgpu!water!watmath!clyde!cbosgd!ihnp4!ptsfa!ames!umd5!mimsy!aplcen!osiris!mjr From: mjr@osiris.UUCP (Marcus J. Ranum) Newsgroups: comp.misc Subject: Re: Trojan Horse a Myth? Summary: '.' in path - shell can help. Message-ID: <1478@osiris.UUCP> Date: 11 Dec 87 14:13:15 GMT References: <459@gtx.com> <30800002@ccvaxa> Organization: My Etch-A-Sketch runs X-Windows Lines: 20 A trick I'd always thought would be nice would be to have a shell that could have an option set to show WHAT was being executed. If one was root, and typed "ls" with that option set, and it came back with "./ls" you would know you had a problem... Obviously, catching it BEFORE is the way to go, but catching it at all is a big deal for some. Another choice would be to have it say "exec ./ls (Y/N)?" :-) :-) :-) I haven't looked at sh source (all those gross preprocessor commands) for a while, but doesn't it just try to exec() the program in each part of the PATH ? That would need to be changed. I'm not suggesting adding more junk to the "real" shell, but I have often thought that a shell with "enhancements" for system admins might be useful. --mjr(); -- Once, there was NO fun... This was before MENU planning, FASHION statements or NAUTILUS equipment... Then, in 1985.. FUN was completely encoded in this tiny MICROCHIP... It contains 14,768 vaguely amusing SIT-COM pilots!!