Binary Expressions

2005-10-27

Daily insecurity output: The root path includes .

Filed under: — Adam @ 2:11 pm

This insecurity warning occurs due to the root user’s root path is included in the environment variable PATH. The root’s path should never contain “.” as this is a security risk. For example, if the root’s path included “.” and a user happen to create a file that was named ls but contained a command to remove the $HOME the root’s home directory would be deleted.

The solution to the matter is to edit the root’s /root/.profile and remove “.” from the PATH environment variable.

Example
Current environment variable PATH:
PATH=$HOME/bin:/bin:/sbin:/usr/bin:/usr/X11R6/bin:/usr/local/bin:/usr/local/sbin:.

Remove “:.”, which would now look like this:
PATH=$HOME/bin:/bin:/sbin:/usr/bin:/usr/X11R6/bin:/usr/local/bin:/usr/local/sbin

Comments are closed.

Take back your mailbox - CAUCE.org

Powered By Wordpress PHP: Hypertext Preprocessor MySQL Powered Download Juice, the cross-platform podcast receiver
Proud To Be Canadian Get Firefox Valid XHTML Valid CSS
<NO>OOXML Logo


24 queries. 0.236 seconds.
Copyright © 2004 - 2005 by Adam Douglas