Pantek Library

Hosting Provided By

CybrHost

High Speed Hosting

Re: .exrc file security risks

From: <aatkinson(at)fastmail.fm>
Date: Tue Apr 29 2003 - 20:14:31 EDT

Hi Paul,

> I'm verifying the validity of a Solaris hardening guide and came across

.exrc files are used to configure the vi editor. Everytime you start vi this file is read.

> What, if any, are the risks associated with these files? (Or possibly
.exrc can configure vi to (among many things) map keys to perform any vi commands and (worse still from a security perspective) map keys to run external commands. So you have the situation where if a .exrc file is compromised, a key could be maped to perform any command as the user running vi...

cheers,
andrew Received on Tue Apr 29 21:33:36 2003

This message: [ Message body ]
Next message: Reg Quinton: "Re: .exrc file security risks"
Previous message: Darren J Moffat: "Re: .exrc file security risks"
In reply to Paul Greene: ".exrc file security risks"
Next in thread: Reg Quinton: "Re: .exrc file security risks"
Reply: Reg Quinton: "Re: .exrc file security risks"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:37 EDT

Contact Us Legal Notices Order Services Online
Pantek Home Privacy Policy IT news Site Map Pantek Library