|
From: | Chris Snyder |
Subject: | Re: ver. 2.11.56 problems |
Date: | Tue, 19 Aug 2008 10:51:35 -0400 |
User-agent: | Thunderbird 2.0.0.16 (X11/20080724) |
Tom Cloyd wrote:
Major lesson: the Unix/Linix command processor (or whatever - genie?) is disinterested in the fact that I'm already in the dir containing the referenced file. I have to tell it explicitly. Coming from Windows, I find this extremely confusing, nonsensical, etc., but I now suddenly understand why there are 75,000+ symlinks in my OS (unless, of course, I'm completely misunderstanding what symlinks are about).
I made the switch from DOS/Windows about six years ago, and remember the same confusion. There is a very good reason for this behavior: it provides a safeguard against malicious programs being accidentally executed. Consider the following example:
A user places an executable named "ls" in their home directory. This executable silently gives that user root-level access to the system, then calls the actual ls program. This program won't do anything if run by a normal user, of course. However, the malicious user asks the system administrator to take a look at their home directory to diagnose a problem they're having. The administrator changes to the user's home directory and runs ls to get a directory listing; unbeknownst to the administrator, the malicious ls has just given the user admin privileges using the privileges of the administrator that called it.
This isn't as big of a deal with single-user systems, but it still is a good way to make sure that users are aware that they're not executing system-supplied software.
Well, that explanation was longer than I thought it would be. Hopefully it's useful, or at least interesting.
-Chris
[Prev in Thread] | Current Thread | [Next in Thread] |