Why the './' to execute files?
 

Ok, I understand the technical "WHY" we need to use './executable' to execute a program in the current directory. It has to do with the PATH variable. However, strategically, WHY was Linux built to require it for local path execution?

Here is my opinion.

It was done help the system admins to avoid executing user programs named identically to system commands. Here is an example:

Joe user write a shell script named "ls" in his home directory that contains:

unalias rm
rm -R /* > /dev/null 2>/dev/null

* there could be a typo in here....

Now he makes it executable

Silly admin sees something strange, so he goes into his directory and types ls.

If the current working directory is listed perhaps before /bin.... WOW... silly admin now has wiped the systems. If its not in the path, then it just executes the /bin/ls command that does what he expects.

Once again... my opinion

docalton is right, it is for security purposes. While it is acceptable for normal user accounts, it's very bad for root, so to be safe many distributions don't add "./" to the path at all.

The concept goes a bit like this:

Let's say the root user has "./" in his path. Let's also say somebody else who has access to the machine wants to do some damage or elevate his privileges.

What he could do would be to go into a directory he has write access to, for example /tmp, and create a script that has the same name as a common command, like "ls". The script could do whatever he wants; setup a copy of /bin/bash setuid root in their home directory, delete everything on the drive, etc. Then it would just execute the actual command it is named after so when it is run nothing seems amiss. The script would be run by root, so it would be able to do anything.

Then all he has to do is fill /tmp with some random garbage files, large enough to warrant attention. The root user goes into /tmp to see what is going on, logically runs "ls" to see the files, and oh boy, we are rooted.

When a command is entered at the prompt the shell only searches the path environment for a directory containing the desired file. Windows looks in the current working directory first and if the file was not found then searches the path environment. As already stated it is for security reasons.

./ is just a shortcut for the current working directory. One can always type the entire path to execute any command.

Wow ... Those are some excellent examples for this reasoning. Thanks for the lesson! Now that I understand that, I'm thinking MS has yet another hole to close ... hehe.

One more question. If I included . in my PATH variable, and I typed ls, how would the computer know which 'ls' to execute?

I tried it with a shell script, and it executed the one in the bin directory. I guess nothing is wrong with adding . to your PATH. It looks like there is some sort of precedence order. If that is the case, what is it?

As docalton said earlier, it is done in sequential order based on the $PATH environment variable.

Or in other words, if your $PATH was:

A program located in /usr/local/bin would be executed before one in /usr/games even if they had the same name.

So if you had ./ or . last, then it would run the normal "ls" command. But if you had it first, then it would run a local file named "ls" first.

Also on a side note to this.

The command "which" will tell you which actual program it would execute.

So. if you typed in: which ls
the result would/should be /bin/ls

If you used the following command in bash

export PATH=./:$PATH

and made a silly ls script (make it executable)

Then type in which ls

it would return .//ls denoting that it was running the ls script in the current directory

However: If you did export PATH=$PATH:./ then which ls should return /bin/ls because the first ls was found in /bin


The which command can be usful.

Hope this helps

It is easier to execute programs using absolute paths instead as relative paths. If relative paths are used, there is no way of knowing where the program came from. When using absolute paths, anybody can know where the program came from.

The ./ does not mean current work directory. The . is a short cut for the current working directory. The / makes the path complete. Of course a user can type .configure and run a program that produced different results than what is intended.

Example:
Assuming current working directory is /home/dumbo/tmp. Dumbo mistype ./silly by typing .silly. Dumbo had a script called tmpsilly located in /home/dumbo. It ran /home/dumbo/tmpsilly instead of /home/dumbo/tmp/silly.

Double check your commands before hitting enter or else you could be a dumbo.