In Linux Gazette, Issue # 42, I provided an answer to the question of getting an a.out binary to run. I suggested that typing "./a.out" (sans quotes) would do the trick. I went on to suggest that the "current directory" be added to the path to avoid the bother of typing ./ before the name of the binary to be run.
Several have written to me to point out that adding ./ to the path is not good practice from a security viewpoint. Therefore, I urge anyone who has added the ./ to their path after reading my answer, remove it. Instead, just get in the practice of typing ./myprogramname when one wants to run a binary in the current directory.
I'd like to take this opportunity to thank Alex B., Art W., and Pete in the UK for taking the time to write me notes explaining the pitfalls of putting dot slash (./) in one's PATH. This is especially true for root, but apparently not good practice for anyone. As I understand it, a transgressor could easily put a program with evil intentions, but with a common name, such as "ls," in one of your commonly used directories. Next time you type ls on the command line, the evil program is run rather than the ls directory display program. This is so if one had modified one's PATH to include ./. If one had to include ./ in one's path, make sure it is at the end of the PATH statement.
Thanks for giving me this opportunity to correct the bad information I presented. Also, thanks again to those who took the time to write to me to explain the consequences of adding ./ to the PATH statement.
Pete, NO2D
Date: Thu, 10 Jun 1999 13:19:05 +0100
There is a good reason for RedHat (and hopefully all the Linux distributers)
not to include '.' in your PATH. Its a security risk. Now, you may be OK on
a non-networked system but I don't think it is a good habit to get into.
The following is quoted from the Path Mini HOWTO:
The path is sometimes a big security problem. It is a very common
way to hack into a system using some mistakes in path settings. It is
easy to make Trojan horse attacks if hacker gets root or other users to
execute his versions of commands.
A common mistake in the past (?) was to keep '.' in the root's path.
Malicious hacker makes program 'ls' in his home directory. If root
makes
-- Date: Mon, 14 Jun 1999 19:31:48 +0100
If you find it absolutely
necessary to include . in your path, at least put it as the last entry
in your path so that the system binaries are searched before '.' is.
Date: Tue, 15 Jun 1999 10:34:52 +0100 Peter Inskeep writes:
This would only be remarkable to a DOS user. The inclusion of .
in $PATH exposes the user to trojan horses. It should never appear in
root's $PATH, and I don't like it in mine either.
Alex Thorp
When setting up you .exrc file for vi you can use the map command to map
the function keys in addtion to the few unassigned 'normal' keys.
Example:
Matt
I am using winzip for windows from http://www.winzip.com this can handle
various zip formats including gz,tar,zip,ajr etc. hope this helps.
Subject: Linux / Windows maybe you already know this, but .tar and .gz files can be unpacked under
Windows using Winzip 7
All the README-files (and every other plain-text file for that matter) can
be opened with Notepad/Wordpad.
Also, if you use a Windows filesystem on you floppies ( vfat ), you can read
'em under Windows, but you can also mount them RW on any linux which has
vfat support compiled into the kernel (most distributions have, trust me :-)
If you use StarOffice 5, then you can use Office 97 files to exchange data,
cuz SO5 uses an O97-compatible file format.
Hope this helps ya and feel free to DMAL for comments/questions,
greetz, This is not exclusively a Linux trick of course but here it goes:
If you've changed your web site structure and thereby removed a previous
entry page (the first page a visitor comes to) which may have links to it you
could link that page to your current entry page.
I removed my foreword.htm some time ago and later found a stale link on a
foreign page leading to the missing page. So I simply created a link to my
current toc.html. Now whenever someone follows the original link, instead of
getting a 404 they get the toc.html.
HTH someone ...
http://www.psychosis.com/linux-router/
Hi, I think this comes close to what you're looking for.
wim
This is no longer true for LinuxPPC (including revision 4) or YDL, although
it's still true for MkLinux. The partition limit was due to a kernel
problem that disappeared somewhere in the 2.1.x series...use a 2.2.x kernel
and you'll be fine. (I am using a 4GB partition quite happily with
LinuxPPC R4 right now, with an uptime of several months.)
Cordially, Date: Fri, 4 Jun 1999 18:37:26 -0400 Whoops, I read further in your June 2 cent tips, and I see that someone
else has already replied to her message...although they claim the problem
is with e2fsprogs, which I didn't touch on my machine. (Although perhaps
there was an upgraded version in the installer image that I downloaded
along with the new kernel.)
Midnight Commander allows you to show an FTP-site in one pane and
your local file system in the other. You can acces the FTP-site like
you would a local directory (i.c. F5: copy, F6: move/rename, etc...)
Greetings, On Mon, 03 May 1999 16:33:32 -0500, Pete wrote:
I have been digging for the past several months to try and find any
way to bind inetd to one IP / interface. I have a machine with several
virtual hosts, and had originally intended for only the main IP /
interface to respond to telnet, ftp, etc. The virtuals would only
respond via httpd. Unfortunatly, this doesn't seem to be the way it's
working - not only can I telnet / ftp to all addresses, it seems like
every inetd connection shows up on the LAST IP interface for some
reason.
I've looked thru manpages, NAG, websites, and while I know a lot
more than when I started looking, I was never able to solve this
binding problem.
Anyone have the answer?
Pete,
I think the tcp wrapper daemon (tcpd) should do the trick.
In /etc/hosts.allow and /etc/hosts.deny you can use constructs like daemon@host
that will accomplish what you need (sort of).
Try:
Greetings, [email protected] wrote in LG #42:
Just read issue 41 and read the great article about direct cable
connections between Win95 and Linux, I tried implementing this method
but came across a couple of problems running Windows 98. (4.10.1998)
I can get terminal emulation (using HyperTerminal) running at 38400
baud but 115200 crashes at the password prompt. (115200 works with
xon/xoff using kermit as the terminal program).
Can't figure out how to get Windows to dial out over the serial
line as in your article. I tried creating a new modem using the modems
wizard in the control panel using 'standard serial between 2 PC's' and
it goes through the process reporting success at the end but no device
appears anywhere.
The problem is in Win95/98. It does not come with a null modem
driver. Windows assumes that you are using a REAL modem complete
with AT commands, etc. If all you have is a null serial cable
between the Win95 box and the Linux PPP server, then Win95 cannot
be used because it cannot be set up unless you use a modem and a
phone line.
However, there IS a null modem driver. You install this driver
by copying it to c:\WINDOWS\INF (a hidden directory). You can
then install a new modem. Select not to detect, but you will
pick it from a list. When you get to the list, it will be at
the top of the list of manufacturers, and you can select the
generic null modem driver.
This driver has been around the internet for years, but I have
put it up on my ftp server.
ftp://ftp.nook.net/pub/unix/mdmcisco.inf
I have no problem then using my Win95 computers with terminal
servers such as my Livingstons. It works a LOT faster than
using a Modem, and communications is typically 115,200.
--
From: Pat Neave
> Try running the a.out binary with the command line: ./a.out I recently
> installed RedHat 5.2 and found that its $PATH statement does not include
> a path of " ./: " ./ is the path of the current directory that you are
> in. Remarkably, RedHat does not set up paths so that your current path
> is looked at to execute a file.
12. Security concerns
# cd ~hacker
# ls
he executes ls command of hacker's.
Pat
From: Jeffrey Voight
From: Alexander Thorp, [email protected]
"Remarkably, RedHat does not set up paths so that your current path is
looked at to execute a file", i.e. does not include the directory . in
$PATH."
(This is a sample of many letters received on the dangers of '.'.
I don't use it in the root path, but I like in my path. :) --Ed.)
More Vi .exrc stuff
Date: Wed, 9 Jun 1999 15:18:11 -0400 (EDT)
From: Matt Boutet
map #1 :set nu
this makes F1 turn line numbering on.
gzipping TWHT-1 (unzipping UNIX files on Windows)
Date: Fri, 25 Jun 1999 10:24:41 +0530
From: "Nagesh S K"
Date: Tue, 29 Jun 1999 17:22:36 +0200
From: Peter Van Rompaey
Blacky
Undernet - #Supportline #Groningen
Deleted web pages
Date: Thu, 3 Jun 1999 15:02:06 +0200
From: "Martin Skjoldebrand"
M.
Make modem ignore funny dial tones
Date: Fri, 4 Jun 1999 14:24:18 -0400 (EDT)
From: Matt Willis
#!/bin/sh
#
# This is part 2 of the ppp-on script. It will perform the connection
# protocol for the desired connection.
#
exec /usr/sbin/chat -v \
TIMEOUT 23 \
ABORT '\nBUSY\r' \
ABORT '\nNO ANSWER\r' \
ABORT '\nRINGING\r\n\r\nRINGING\r' \
'' ATZ \
'OK' ATL0M0 \
'OK' ATX3 \
'OK-+++\c-OK' ATH0 \
TIMEOUT 50 \
OK ATDT$TELEPHONE \
CONNECT '' \
rname:--rname: $ACCOUNT \
assword: $PASSWORD
Tips in the following section are answers to questions printed in the Mail
Bag column of previous issues.
ANSWER: Network boot disk for i386 without hd
Date: Fri, 4 Jun 1999 11:13:43 +0100
From: Wim Lemmers
ANSWER: Question about 2 GB max?
Date: Fri, 4 Jun 1999 18:33:15 -0400
From: "Steven G. Johnson"
Traditionally, there has been a 2GB partition size limit (not just a
FILE size limit) on PowerPC Linux partitions. I don't know if that will
continue to be true with newer versions but it is true of LinuxPPC up to
revision 4 and DR3 of MkLinux. I haven't checked if there's a
YellowDogLinux specific answer however.
Steven G. Johnson
From: "Steven G. Johnson"
ANSWER: FTP access methods
Date: Sat, 05 Jun 1999 13:27:44 +0200
From: Ben De Rydt
And I finally have a good question: In both Window$ and O$/2 I had apps
that would treat ftp sites as folders (directories). It worked real
well with keeping data in sync off-site. Is there a tool that will
allow an FTP site to be mounted under Linux? It seems fairly useful to
me, but freshmeat and other resources turned up nada.
Ben
ANSWER: Any inetd wizards out there?
Date: Mon, 14 Jun 1999 18:26:16 +0200
From: Ton Nijkes
man tcpd
man 5 hosts_access (look for 'SERVER ENDPOINT PATTERNS')
Ton.
ANSWER:
Date: Sun, 27 Jun 1999 14:43:43 -0800
From: Ramon Gandia
Ramon Gandia ================= Sysadmin ================ Nook Net
http://www.nook.net [email protected]
This page maintained by the Editor of Linux Gazette,
[email protected]
Copyright © 1999 Specialized Systems Consultants, Inc.