From: champion@cch.coventry.ac.uk (Alun) Subject: Re: question about setuid Date: 1 Apr 1993 11:53:19 GMT
In article <1p9ns6$p31@nz12.rz.uni-karlsruhe.de> ig25@fg30.rz.uni-karlsruhe.de (Thomas Koenig) writes:
> [rest deleted]
>
> According to the "Posix Programmer's Guide" by Don Lewine, the exec*()
> family of functions also looks in the environment variable PATH if
> the program to be executed cannot be found in the current directory.
> This is indeed implemented this way in Linux (or was, the last time
> I looked, around 0.99pl5); programs which use exec* are still vulnerable
> if they don't contain an explicit path (say execve("/bin/ls",...)
Thats not the case on our system (Sequent symmetry ). These family of
exec*() functions are interfaces to the execve() system call. In the
manual page for execve there was no reference to the filename being
expanded using the PATH environment variable, but...
[excerpt from the manual for the family of exec*()]
Execlp and execvp are called with the same arguments as
execl and execv, but duplicate the shell's actions in
searching for an executable file in a list of directories.
The directory list is obtained from the environment.
This seems to imply that no expansion is done ;') except for execlp and execvp.
I always thought this was the case and would be very upset if I find this
to be incorrect.
-Alun
-- | *I'm as bad as the worst - but thank God(?) I am as good as the best.* | | --------------------------------------------------------------------------- | | A.Champion : champion@uk.ac.cov.cch (Student account) | | stl006@uk.ac.cov.cch (Student liaison account) |