chapter 6, installing kernel headers
Wouter Van Hemel
wouter at pair.com
Fri Jan 17 15:15:16 PST 2003
On Fri, 17 Jan 2003, Richard Lightman wrote:
> Better still, do not ever extract tar archives as root:
> That could just as easily install a static ps or ls that installs a
> root kit.
As long as you don't put '.' in root's path, there's no chance of ever
executing something malicious.
Root unpacking 'static' names in public directories such as /tmp and
/var/tmp like you did, is way more dangerous though. Think about symlink
attacks such as overwriting other files or using named pipes. Not too
important for a home *nix user, but if you are an adminstrator as
profession, you better learn never, ever to use /tmp as root.
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-dev' in the subject header of the message
More information about the lfs-dev