i have a question about something i read in my linux book.. ill type out a quote from it:
Configuring to have the current directory set in your path does involve some risk if a hacker gains access to your account while you are logged in. For example, a hacker might gain access through an open port (communication path in a network protocol). If you choose to put your current working directory in the PATH variable, be certain you have secured access to your account, such as through closing unused ports.
i cant seem to comprehend it; why is it a threat? The example used in the book i think was (as i closed it just now and am really lazy
could someone explain briefly how this could be a threat/exploited? also include your ip address, any opened ports and username + passwd please. thanks
..haha.. ok, jk about that.. but really, just wondering how this could be a threat?
also, right when the above example command is executed, the . (dot) is read by the shell and immediately replaced with the current directory/pwd THEN saved in the path environment variable, right? like, if i use the above command then cd to someplace else, my now pwd isnt in the path variable right? ya.. ok i assume thast right, nevermind heh.
i wont ever be trying this command, i dont see myself ever finding any use for it, but i just read it last night and was wondering, thats all