Bugtraq mailing list archives
Re: Secuirty Hole In Older Perl Installs...
From: chris () FAST-AG DE (Christian Groessler)
Date: Tue, 11 Mar 1997 17:15:25 +0200
On 3/11/97 8:41:23 AM krobson () USA NET wrote: > Hi Folks, > > Recently I have installed a couple of the distributions of Perl 5.001 from Hip onto NT boxes. Unfortunately Perl updates the system global > variables and does the following to your path:- > > PATH=.;c:\perl;%PATH% > > As you can see this makes it extremely easy to create trojan horse type attacks as it usually ensures that your current directory is read before > any system directories, etc. > AFAIK, unter DOS and NT you always have "." implicilty at the beginning of your PATH variable. The dot in the PATH variable above is redundant. regards chris
Current thread:
- Re: Secuirty Hole In Older Perl Installs... Christian Groessler (Mar 11)