On Mon, 19 Apr 1999, Raul Miller wrote: > > > Consider su -c /etc/init.d/blah > > > And if the PATH wasn't appended, how would su -c /etc/init.d/blah be any > > different, except that it may not run? > > So? It's not as if su -c is the only issue involved. And, not running > is only relevant before these other issues are addressed.
I fail to see what your point is. You told me to consider something in light of what I am proposing. I replied that I did and that I could see no change in behavior. And then you reply "So?" What am I missing? > > If that's desired behavior, because we want to force users to not be > > able to issue commands like that (even if they so desire) then that's > > one thing. OTOH, it's not only a matter of root's PATH being changed > > like everyone is making it out to be. The above su command is a good > > example of another case where the proper PATH might not be available > > unless the script appends what it needs. > > Except that you always need to think about security implications when > dealing with activity which system priviledges. Fine -- and what are the security implications here? Or are you just saying, "I'm not sure there are any, but keep it in mind and try to find them." ?? Thanks, -- Brock Rozen [EMAIL PROTECTED] Director of Technical Services (410)358-9800 Project Genesis http://www.torah.org/
