From mboxrd@z Thu Jan  1 00:00:00 1970
Message-ID:
To: 9fans@cse.psu.edu
Subject: Re: [9fans] security
From: erik quanstrom
Date: Sat, 27 Oct 2007 00:38:48 -0400
In-Reply-To: <61172513-6773-4AA3-8EF0-182BD91D948B@mac.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Topicbox-Message-UUID: db3a880e-ead2-11e9-9d60-3106f5b1d025

> 1) rc: the value of $path is (. /bin). It is a classic case not to
> have . as the first directory when searching for programs - it allows
> Trojan horses to form.

if you're the only one using your system, how could this be a problem?

but assuming you have multiple users on your system, how do you propose
that a target be tricked into cd'ing into a trojaned directory and
attempting to execute the magic command. what would this trojaned
command do? without setuid (or a superuser), the options are more
constrained.

perhaps there are systems where the mutual distrust between users is
that great.

> 2) auth server: why do we need one for passwords anyways if we run on
> a desktop computer? I don't know how to set one up, but I'd just like
> to set a password without an error spitting back at me when I type
> "passwd".

this command should get you started

man 8 authsrv

- erik
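The ordering concern in point 1 (a current or relative directory searched before a system directory like /bin) can be checked mechanically. The following POSIX sh audit is an added example, not code from this thread or from Plan 9; it takes the search path entries as arguments, so rc's list form (. /bin) and a split Unix PATH can both be fed to it, and reports any entry that is not an absolute directory, noting whether it is searched ahead of every system directory.

```shell
#!/bin/sh
# Audit a command search path, given as arguments in search order,
# for entries that let the working directory or a relative directory
# shadow system commands. Prints one line per finding on stdout and
# returns 1 if anything was found, 0 if the path is clean.
path_audit() {
    rank=0        # position of the current entry (1-based)
    first_abs=0   # position of the first absolute entry seen, 0 if none yet
    status=0
    for entry in "$@"; do
        rank=$((rank + 1))
        case "$entry" in
            ""|.)  kind="current directory" ;;   # empty field means . on Unix
            /*)    kind="" ;;                     # absolute: fine
            *)     kind="relative directory" ;;
        esac
        if [ -n "$kind" ]; then
            if [ "$first_abs" -eq 0 ]; then
                echo "entry $rank ('$entry'): $kind searched before any system directory"
            else
                echo "entry $rank ('$entry'): $kind in search path"
            fi
            status=1
        elif [ "$first_abs" -eq 0 ]; then
            first_abs=$rank
        fi
    done
    return $status
}

# Convenience wrapper for a colon-separated Unix PATH string; an empty
# field between colons is passed through as "" and flagged as above.
path_audit_colon() {
    oldifs=$IFS
    IFS=:
    set -- $1
    IFS=$oldifs
    path_audit "$@"
}

# Constructed inputs for a stand-alone run: rc's (. /bin) and a clean path.
path_audit . /bin
path_audit /bin /usr/bin
```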