[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Mass User Addition Script for RAQ3i

Subject: Re: [cobalt-users] Mass User Addition Script for RAQ3i
From: Chris Adams <cmadams@xxxxxxxxxx>
Date: Sat May 13 13:05:59 2000

Once upon a time, Jeff Lasman <jblists@xxxxxxxxxxxxx> said:
> SO you either have to change the path to include "." as the first
> directory to try, or else call your program like this (which is the way
> I do it):

NEVER put "." first in your PATH.  If you must have it in your PATH, put
it last.  Otherwise, your users can easily exploit root.  All they have
to do is setup a script called "ls" (or "vi" or "sh") in their
directory, call up and say they have a problem, and wait for you to cd
to their directory as root and do "ls".
-- 
Chris Adams <cmadams@xxxxxxxxxx>
Systems and Network Administrator - HiWAAY Information Services
I don't speak for anybody but myself - that's enough trouble.

References:
- [cobalt-users] Mass User Addition Script for RAQ3i
  - From: Vijay
- Re: [cobalt-users] Mass User Addition Script for RAQ3i
  - From: Andy perrett
- Re: [cobalt-users] Mass User Addition Script for RAQ3i
  - From: Jeff Lasman

Prev by Date: [cobalt-users] Cobalt ManageRaQ Server Appliance
Next by Date: Re: [cobalt-users] DBM auth broken also on RaQ3
Previous by thread: Re: [cobalt-users] Mass User Addition Script for RAQ3i
Next by thread: Re: [cobalt-users] URGENT ProFTPD problem: users can't go beyond personal dir...

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index