So I read in a Linux book that the reason the current directory, aka ".", is not in PATH is because it is insecure to do so. How? What vulnerability does this create?
asked 01 Jul '10, 06:49
Yes, it is definitely insecure.
If you create a directory with the following contents, it is a security flaw:
So don't put the dot in your
answered 01 Jul '10, 08:28
The risk is not worth the reward. In a properly configured Linux environment, all executables should be in a few standard directories. This is part of the FSSTD and is generally considered a good practice as all files with the same function are in the same place.
Unlike the directory structure of Windows, executing a command in a local directory is more of the exception than the rule. Mostly, it will be to run ./configure or something similar. Since doing otherwise is so rare, it causes you to have to stop for a moment and think before doing something stupid.
As for security, you can imagine all the things that could go wrong if any file could be executed at random. Unlike Windows, Linux does not require a special filename extension (.exe, .com, .bat) to be executable. I know that some fs types, such as NTFS, that don't have Linux permissions can be granted all permissions by default. This includes the execute permission. That means that you could wonder into a directory and accidentally execute a file at random by using tab-complete. Mostly, this would just issue a lot of "command not found", but if just the right phrase appeared, you might have trouble. This is just one example that doesn't even require ill intentions. I'll let your imagination figure out some more.
answered 02 Jul '10, 05:08