> It is unfortunate that RedHat's SU keeps the same environment and
> specially the same PATH as this leaves the user open to a trivial
> attack

This only is a problem if you "su" from someone else's account,
something a good administrator should be wary of. Otherwise "." should
either be at the end of your path, or not there at all if you have root
privileges.

Believe me, resetting the path may be more secure, but it's a lot more
of a pain if you go back and forth from root a lot. In business
environments most users are "trusted" (or rather "trustable") so there
isn't much of an issue anyway. As far as the argument about out of the
box safety and the small user, well in that case it is unlikely that
they'll be using their system for multi-user and they won't be su-ing
from anyone else.

I can't speak for ksh, sh, or bash, but at least in "csh" it's pretty
easy to make your ".cshrc" (which is always run on a new shell) fix
things up if you really want. This could be used to argue either way of
course.

                        - Matt
Matt Fahrner
Manager of Networking
Burlington Coat Factory Warehouse, MIS Networking
http://www.gizzy.com/matt
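
The message above suggests letting the shell startup file repair the environment after "su". As an added example (not part of the original post, and written for sh rather than csh), root's startup file could strip ".", empty and other relative entries from the inherited PATH; the function name `sanitize_path` and the fallback PATH value are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: remove unsafe entries from a PATH-style string.
# Unsafe here means: an empty entry (the shell treats it as the current
# directory), ".", or any other relative directory such as "bin" or "./tools".
sanitize_path() {
    old_ifs=$IFS
    clean=
    IFS=:
    set -f                      # no filename expansion while splitting
    for dir in $1; do
        case $dir in
            /*) clean=${clean:+$clean:}$dir ;;  # keep absolute directories, in order
            *)  ;;                              # drop empty, ".", and relative entries
        esac
    done
    set +f
    IFS=$old_ifs
    printf '%s\n' "$clean"
}

# Intended for root's startup file: after a plain "su" the caller's PATH is
# inherited, so clean it before any command is looked up by name.
if [ "$(id -u)" -eq 0 ]; then
    PATH=$(sanitize_path "$PATH")
    # Constructed fallback in case nothing absolute was left.
    [ -n "$PATH" ] || PATH=/usr/sbin:/usr/bin:/sbin:/bin
    export PATH
fi
```

This only removes relative entries; an absolute directory that another user can write to would still be searched, so directory permissions along the PATH matter as well.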
