Re: .exrc file security risks

From: Benjamin A. Okopnik (ben_at_callahans.org)
Date: 05/01/03

  • Next message: Rex Monty di Bona: "Re: .exrc file security risks"
    Date: Thu, 1 May 2003 13:23:48 -0400
    To: focus-sun@securityfocus.com
    
    

    On Tue, Apr 29, 2003 at 09:04:12PM -0400, Ben Okopnik wrote:
    >
    > The autoloading of the per-directory .exrc files (and shell escape/write
    > commands in them) can be disabled by invoking the "secure" command in
    > "/etc/exrc".

    Whoops, my mistake - forget "/etc/exrc", no such thing under Solaris. :)
    System-wide "vi" stuff usually gets set via EXINIT in "/etc/profile".

    Ben Okopnik
    -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
    "We have enough religion to hate each other, but not enough to
    love each other."
     -- Jonathan Swift


  • Next message: Rex Monty di Bona: "Re: .exrc file security risks"