2013/11/1 Reindl Harald <h.reindl@xxxxxxxxxxxxx>: >> The attacker needs to be able to write to your home directory to take >> advantage of it. >> And if he can do that (you lost) he has numerous other ways of doing it > > so the people decided not put the current directory in the > PATH on Unix *for security reasons* decades ago must be > fools Not having cwd in the path is a protection against malicious (or at least joking) users on the same system: Otherwise they could easily fool you to execute e.g. a file named 'ls' in their home doing something evil. - Thomas -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
