Re: new snapshot available: coreutils-8.0.108-3aff3
From: Jim Meyering
Subject: Re: new snapshot available: coreutils-8.0.108-3aff3
Date: Mon, 16 Nov 2009 09:10:52 +0100
Gilles Espinasse wrote:
>> ...
>> >> > Insecure directory in $ENV{PATH} while running with -T switch at -
...
>> >> Is some directory in your $PATH group- or world-writable?
It is insecure also if a parent of one of those directories is
group- or world-writable.
>> > should not
>> > find `echo "$PATH" | sed 's/:/ /g'` -maxdepth 0 -ls
>> > 1331275 4 drwxr-xr-x 2 root root 4096 Oct 21 23:07 /tools_i486/usr/bin
>> > 1672609 4 drwxr-xr-x 2 root root 4096 Nov 14 17:56 /bin
>> > 1672645 4 drwxr-xr-x 2 root root 4096 Nov 14 17:57 /usr/bin
>> > 1672640 4 drwxr-xr-x 2 root root 4096 Nov 14 17:57 /sbin
>> > 1672648 4 drwxr-xr-x 2 root root 4096 Nov 14 17:57 /usr/sbin
>> > 1672299 12 drwxr-xr-x 2 root root 12288 Nov 14 17:42 /tools_i486/bin
>>
>> That doesn't show the actual value of your $PATH envvar.
>> I'll bet it starts with ":". *THAT* is definitely insecure.
> No
> First, I could do in the chroot
> perl -e 'print "$ENV{PATH}\n";'
> /tools_i486/usr/bin:/bin:/usr/bin:/sbin:/usr/sbin:/tools_i486/bin
Try ls -ld /tools_i486 /tools_i486/usr
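
Added example (not part of the original message and not coreutils code): a POSIX shell function that applies the checks raised in this thread to a PATH value, flagging empty entries such as a leading ":", relative entries, and group- or world-writable bits on each directory and on every parent. The names `audit_path` and `is_gw_writable` and the optional chroot-prefix argument are assumptions of this example.

```shell
#!/bin/sh
# audit_path PATH_STRING [ROOT]
# Prints one finding per line; returns 1 if anything was flagged, else 0.
# ROOT (hypothetical parameter) is a chroot directory: entries are looked up
# beneath it and the walk through parent directories stops there.
# Usage: audit_path "$PATH"        or        audit_path "$PATH" /path/to/chroot

# True if $1 has the group-write or other-write permission bit set.
# -H makes find examine the target when $1 itself is a symlink (e.g. /bin).
is_gw_writable() {
    [ -n "$(find -H "$1" -prune \( -perm -020 -o -perm -002 \) -print 2>/dev/null)" ]
}

audit_path() {
    path=$1 root=${2:-} bad=0
    # Append ':' so that a trailing empty entry is seen as well.
    rest="$path:"
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        case $entry in
            '') echo "EMPTY entry (means current directory)"; bad=1; continue ;;
            /*) ;;
            *)  echo "RELATIVE $entry"; bad=1; continue ;;
        esac
        dir=${entry%/}; dir=${dir:-/}
        # Check the entry itself, then each parent up to the root.
        while :; do
            if is_gw_writable "$root$dir"; then
                echo "WRITABLE $dir (on the path to $entry)"; bad=1
            fi
            [ "$dir" = / ] && break
            dir=${dir%/*}; dir=${dir:-/}
        done
    done
    return $bad
}
```

When a chroot directory is passed from outside the chroot, absolute symlinks inside it resolve against the host root, so run the function inside the chroot if its PATH directories are symlinks. Directories that do not exist are skipped silently.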