Tadziu Hoffman wrote: > Assume that you (an unsuspecting groff user) want to format a > document downloaded from the internet for printing, but the > roff-file has unfortunately been modified by some malicious > prankster to write a shell script called "ls" to your personal > "bin" directory (which is included in your PATH *before* /bin) > and the next time you execute ls... well, you get the idea. > (I'm ignoring things like the permission bits here, but you can > instead append to a file that already has execute permission.) > > Furthermore, "-U" does not only allow "extended functionality", > but omitting "-U" also gives you "reduced functionality" by > disabling the ".sy" request that allows executing arbitrary > programs in your name.
Thanks for this explanation, (and also thanks to Mike Bianchi for a similar one). Of course, I get the point now. Never having actually used `.sy' and friends, I simply hadn't considered the possible security implications it may introduce, when coupled with the ability to write arbitrarily named files; (makes note: put brain in gear before rushing to type). BTW, I *never* have *any* user writeable directory before the system binary directories, in *my* PATH; but, I guess it would be naive to expect everybody to follow that piece of simple security advice. Regards, Keith. _______________________________________________ Groff mailing list Groff@gnu.org http://lists.gnu.org/mailman/listinfo/groff
