[Courses] [Perl] Part 1: Getting Started

Anna Badimo anna at cs.wits.ac.za
Tue Apr 5 22:51:34 EST 2005 

Thanks all for the course. I am so excited to get this opportunity to learn
Perl and share with experienced Linux people.

Merci,
Anna Badimo

--
WITS University


---------- Original Message -----------
From: Magni Onsoien <magnio+courses at pvv.org>
To: courses at linuxchix.org
Sent: Tue, 5 Apr 2005 09:56:04 +0200
Subject: Re: [Courses] [Perl] Part 1: Getting Started

> On 2005-04-05 16:46:08 +1000, Sue Stones said:
> > Colleen Hatfield wrote:
> > >If you're the only
> > >person that ever touches your machine, it's probably not too
> > >dangerous; otherwise it should definitely be avoided. ;-)
> > 
> > Personally, yes I am the only one that has ever used my machine.  (My 
> > only housemate for the last decade has been a dog that had absolutely no 
> > interest in using the computer)  But if I was in a position where 
> > someone else was going to use my computer even for a few hours, I would 
> > create an account for them.
> 
> I do that before they are getting close to anythng but a locked 
> screen :-)
> 
> But imagine that you have created her an account and you are using 
> the computer together (either simultanously, like a server, or 
> sequentally). The other person make a script that do something 
> pretty evil, like 'rm -rf $HOME 2>&1>/dev/null' (which will delete 
> your homedir and redirect all errors to /dev/null so you won't see 
> them). This script is called ls and is put into /tmp (a directory 
> writeable for anyone) and made executable for all.
> 
> I guess you can figure out what happens when you go to /tmp and type 
> 'ls' to see what's there, if you have . first in your $PATH? :-)
> 
> So making a separate account really doesn't matter if it's a multi user
> system, since in reality you'll be sharing directories and stuff anyway.
> And DON'T remove the world-write permissions for /tmp, it will break
> your system :-) (Not breaking in the same sense as rm -rf $HOME, 
> though...)
> 
> And for the record, the same will of course happen if the user puts 
> her malicious script in her $HOME-directory and asks you to "have a 
> look at my homedir, something seems to be wrong there".
> 
> The best thing to do is to stick with ./script and avoid . in the $PATH.
> If you make scripts, it's safer to add their directory at the end of 
> the $PATH (with e.g. 'export 
> PATH=$PATH:$HOME/myscriptdir:$HOME/perlcourse'). If you WANT to have 
> . in your $PATH, add it to the end of the $PATH
> ('export PATH=$PATH:.') so you won't execute scripts and binaries 
> with the same name as system programs when you didn't want to. If 
> you insist on having your own 'ls', you could either use ./ls or add 
> an alias for it in .bash_profile ('alias ls=$HOME/myscripts/ls').
> 
> [Ok, this isn't on perl anymore. Sorry.]
> 
> Magni :)
> -- 
> sash is very good for you.
> _______________________________________________
> Courses mailing list
> Courses at linuxchix.org
> http://mailman.linuxchix.org/mailman/listinfo/courses
------- End of Original Message -------

More information about the Courses mailing list