merlyn@intelob.intel.com (Randal L. Schwartz @ Stonehenge) (05/16/89)
In article <2040@umbc3.UMBC.EDU>, cs411134@umbc5 (Peter Johansson) writes: [method of creating $HOME/ls deleted] | Why this works: Most users have ``.'' in their path before ``/bin'' | or ``/usr/bin'' and whetever else, so your ``ls'' gets executed | instead of the one the snooper expects. If you like, and if you have | the source to the system ``ls'', you can include it into your program | and modify it so that your ``ls'' program never gets displayed. | Another good idea is not to log your own accesses to the program. | | Dangers and Caveats: It would be equally easy to have the ``ls'' | program ``rm -R ~/*'' making this information potientially very | dangerous. I suggest you remove ``.'' from your path when snooping. | I hope everyone who reads this message is mature enough to understand | its implications. Sheesh. Ever since the V7 days (remember V7, the One True Unix, anyone? <grin>)... I've had "." as the *last* element in my PATH. True, it doesn't save me from typos, but at least I don't get spoofed, and I can still exec current-directory stuff when the name doesn't conflict with a system command (which it never should anyway, for many many reasons). Anyone who runs with "." as the first directory is just-plain-asking-for-it! (And, no, that wasn't an invitation to *do* something to somebody. But, y'all get what you deserve...) Just a Unix hacker for nearly a decade... -- ***** PLEASE IGNORE THE ADDRESS IN THE HEADER ***** /=Randal L. Schwartz, Stonehenge Consulting Services (503)777-0095===\ { <merlyn@agora.hf.intel.com> ...!uunet!agora.hf.intel.com!merlyn } \=Cute quote: "Welcome to Oregon... home of the California Raisins!"=/