[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-developers] AWStats

Subject: RE: [cobalt-developers] AWStats
From: "Matthew Nuzum" <cobalt@xxxxxxxxxxxxx>
Date: Sun Aug 18 12:53:01 2002
Organization: Bearfruit.org
List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>

> > Can you please tell the difference between "su" and /bin/su" please.
I
> have
> > always been doing "su".
> 
> One is relative and one is absolute. Both are the same, it's just one
> will work if /bin is not in your PATH env var. So you can almost
always
> use su, but some shell scripts or programs may require /bin/su. Once
> again depending on the PATH env var for the user.
> 
That is not a very compelling reason to use /bin/su instead of su.  A
better reason is this:
If a hacker get's limited access to your system, they will try to get
elevated access by placing a trojan binary on your system and trick you
into using it.

It should be difficult for a non-root user to mess with the /bin
directory so if you use the full path '/bin/su' you can be reasonably
confident you're not getting tricked into exposing your system password
with a trojan version.
 
--
Matthew Nuzum
www.bearfruit.org
cobalt@xxxxxxxxxxxxx

Follow-Ups:
- RE: [cobalt-developers] AWStats
  - From: William L. Thomson Jr.

References:
- Re: [cobalt-developers] AWStats
  - From: William L. Thomson Jr.

Prev by Date: Re: [cobalt-developers] AWStats
Next by Date: Re: [cobalt-developers] Getting rid of the @www.name.com
Previous by thread: Re: [cobalt-developers] AWStats
Next by thread: RE: [cobalt-developers] AWStats

Sun Cobalt Developers Message Index

Sun Cobalt Developers Thread Index