janet@cs.uwa.oz.au (Janet Jackson) (06/20/91)
In <13780@mentor.cc.purdue.edu> asg@sage.cc.purdue.edu (The Grand Master) writes: >I don't know about you. But most of the people I know are not perfect >typisdts ( ;-) ). It is not uncommon to accidently type ks instead of >ls ( I have seen many people do it before ). So now what happens when >someone puts a file ks in /tmp, and you do: ># cd tmp ># ks >(woops, I meant to type ls) where ks is a trojan horse. I try very hard not to cd to /tmp, or any other directory I know is world-writable. I don't have "." in root's path, of course, but I do have it at the end of my own path for convenience. I probably shouldn't, though. System administrators' personal accounts are likely to be rather more privileged than normal (how many special system-related groups is _your_ uid in?) Janet Jackson (janet@cs.uwa.oz.AU) Department of Computer Science The University of Western Australia