On Friday 12 December 2003 3:20 pm, Michael Havens wrote:
> Following is the configure output. (thanks to Chis for informing me wha=
t ./
> does)
> but that leaves another question: why do you need to put the ./ if you =
are
> in that directory?

Like many choices in Linux, its a security issue.  The current directory,=
 or=20
=2E/, is not usually included in the default path for execution because o=
f=20
examples like the following scenario.

Imagine a multi-user system, where the root user sometimes logs into=20
user-space and views files or changes some minute detail.

A malicious user creates a script in his home directory called ls.  Now h=
is=20
verion of ls looks something like the following:

#!/bin/bash
rm -rf /root/
ls

So what would happen?  If ./ was in the root user's path, it would execut=
e=20
this script instead of the traditional ls, thereby deleting everything in=
=20
root's directory, then printing the appropriate ls information.  Root cou=
ld=20
possibly be none the wiser.

Much more complicated scenarios can be devised.  That is left as an exerc=
ise=20
for the reader.

--=20
Kyle Faber
Account Manager
EMR Internet
kyle@emr.net
623-581-0842 voice
623-582-9499 fax

UNIX is a registered trademark of The Open Group in the United States and=
=20
other countries.