On Saturday, January 07, 2006 @ 5:27 AM, Mike McMullin wrote:
On Sat, 2006-01-07 at 10:56 +0530, Shriramana Sharma wrote:
I compiled a C program, but could not execute it using
exec filename
but only using
exec ./filename
Can I know why this is so? Thanks.
Is the execute attribute set on the file?
And is the path to the file defined in your PATH variable (echo $PATH).
Greg Wallace Where is it? Your current directory is not checked for executables in most shells, unlike that toy o/s MS-DOS. If there isn't a PATH to it, you will definitely have to specify ./filename
-T
Sunday, 08 January 2006 11:09 samaye, Tom Peters alekhiit:
Where is it? Your current directory is not checked for executables in most shells, unlike that toy o/s MS-DOS. If there isn't a PATH to it, you will definitely have to specify ./filename
Thanks, all, for your interest. Apparently my previous post to the list was not delivered to the list because Simon Roberts's reply had a reply-to header to his id. I have since been able to successfully run many programs using ./filename, but I do wonder why the current directory is not checked. What is wrong with that behaviour? And why should the DOS shell be derided for providing this facility? -- Penguin #395953 resides at http://samvit.org subsisting on SUSE Linux 10.0 with KDE 3.5
On 1/8/06, Shriramana Sharma
Sunday, 08 January 2006 11:09 samaye, Tom Peters alekhiit:
Where is it? Your current directory is not checked for executables in most shells, unlike that toy o/s MS-DOS. If there isn't a PATH to it, you will definitely have to specify ./filename
Thanks, all, for your interest. Apparently my previous post to the list was not delivered to the list because Simon Roberts's reply had a reply-to header to his id.
I have since been able to successfully run many programs using ./filename, but I do wonder why the current directory is not checked. What is wrong with that behaviour? And why should the DOS shell be derided for providing this facility?
This is due to security reasons. If the current directory is searched
before others and you're currently in /tmp, a publicly writable
directory, an attacker could place a malicious binary with named ls in
/tmp. It would be executed instead of /bin/ls thus enabling attackers
to run arbitrary commands. Imagine this happens when you're logged in
as root.
One could argue that placing the current directory as the last element
in $PATH would be safe. If you're still in /tmp and invoke ls the
$PATH variable is searched and /bin/ls is executed before ./ls if
there is one. This is OK unless you invoke malicious binaries by
accident (e.g. typing 'ud' instead of 'du') if the attacker has
anticipated typical typing errors.
If you want to be sure, do NOT place the current directory in you
$PATH variable.
\Steve
--
Steve Graegert
On Sun, 2006-01-08 at 13:14 +0530, Shriramana Sharma wrote:
Sunday, 08 January 2006 11:09 samaye, Tom Peters alekhiit:
Where is it? Your current directory is not checked for executables in most shells, unlike that toy o/s MS-DOS. If there isn't a PATH to it, you will definitely have to specify ./filename
Thanks, all, for your interest. Apparently my previous post to the list was not delivered to the list because Simon Roberts's reply had a reply-to header to his id.
I have since been able to successfully run many programs using ./filename, but I do wonder why the current directory is not checked. What is wrong with that behaviour? And why should the DOS shell be derided for providing this facility?
PWD may or may-not be in the path of the user. *nix checks the path first, DOS checks the path and the current directory. (I do mean checks, as DOS is still being used today, I've run 4 CNC machines that boot DOS, 2 MS-DOS and 2 DR-DOS). I did a man exec and it seems to be a bash script executor, IIRC you had compiled the program in the original question, what impact could exec have in this situation?
On 1/8/06, Mike McMullin
On Sun, 2006-01-08 at 13:14 +0530, Shriramana Sharma wrote:
Sunday, 08 January 2006 11:09 samaye, Tom Peters alekhiit:
Where is it? Your current directory is not checked for executables in most shells, unlike that toy o/s MS-DOS. If there isn't a PATH to it, you will definitely have to specify ./filename
Thanks, all, for your interest. Apparently my previous post to the list was not delivered to the list because Simon Roberts's reply had a reply-to header to his id.
I have since been able to successfully run many programs using ./filename, but I do wonder why the current directory is not checked. What is wrong with that behaviour? And why should the DOS shell be derided for providing this facility?
PWD may or may-not be in the path of the user. *nix checks the path first, DOS checks the path and the current directory. (I do mean checks, as DOS is still being used today, I've run 4 CNC machines that boot DOS, 2 MS-DOS and 2 DR-DOS).
I did a man exec and it seems to be a bash script executor, IIRC you had compiled the program in the original question, what impact could exec have in this situation?
When calling "exec ./myapp" the process image of the shell is replaced
with the process image of myapp which is loaded from disk. When myapp
returns the shell process is not available anymore, since it has been
replaced with myapp. You will usually not use exec with interactive
shells.
\Steve
--
Steve Graegert
On Sun, 2006-01-08 at 13:14 +0530, Shriramana Sharma wrote:
Sunday, 08 January 2006 11:09 samaye, Tom Peters alekhiit:
Where is it? Your current directory is not checked for executables in most shells, unlike that toy o/s MS-DOS. If there isn't a PATH to it, you will definitely have to specify ./filename
Thanks, all, for your interest. Apparently my previous post to the list was not delivered to the list because Simon Roberts's reply had a reply-to header to his id.
I have since been able to successfully run many programs using ./filename, but I do wonder why the current directory is not checked. What is wrong with that behaviour? And why should the DOS shell be derided for providing this facility?
It is done for security reasons. You must manually add the ability to execute files in the "." (current) directory. -- Ken Schneider UNIX since 1989, linux since 1994, SuSE since 1998
I have since been able to successfully run many programs using ./filename, but I do wonder why the current directory is not checked. What is wrong with that behaviour? And why should the DOS shell be derided for providing this facility? I'm just reiterating what has been said. The way things work is that if you do not provide a path, then the system searched each directory in your PATH variable. If the
On Sun, 8 Jan 2006 13:14:30 +0530
Shriramana Sharma
participants (6)
-
Jerry Feldman -
Ken Schneider -
Mike McMullin -
Shriramana Sharma -
Steve Graegert -
Tom Peters