HPE Community
Operating System - HP-UX
1830898 Members
3109 Online
110017 Solutions
New Discussion

some question about running a unix command

 
ng_7
Regular Advisor

‎07-11-2007 04:16 PM

‎07-11-2007 04:16 PM

some question about running a unix command

hi, all

I am new to unix, and I have some query on why some command need to put ./ in front and some don't need. eg : to start and stop cron, we have to go to /sbin/init.d then type ./cron start and ./cron stop . The cron won't be able to start/stop cron by just issueing cron start or cron stop.

can please advise.

thank you very much
0 Kudos
Reply
3 REPLIES 3
Dennis Handly
Acclaimed Contributor

‎07-11-2007 04:32 PM

‎07-11-2007 04:32 PM

Re: some question about running a unix command

You are doing it incorrectly. You don't go to /sbin/init.d. But you use an absolute path:
/sbin/init.d/cron start

The reason you have to use ./ is because of security concerns. root should NOT have "." in PATH. If you are used to not providing the absolute path, or commands in specific sysadmin directories, a malicious can create his own cron that root executes.
0 Kudos
Reply
A. Clay Stephenson
Acclaimed Contributor

‎07-11-2007 04:35 PM

‎07-11-2007 04:35 PM

Re: some question about running a unix command

Run this command and the reason should be made clear:
echo ${PATH}

In your case, ${PATH} does not contain the current working directory, (./). Moreover, root's PATH should NEVER contain the CWD as it would be very easy for some to place a commonly used command such as ls in a directory and root would then execute it. It might even seem to behave just as the real ls (/usr/bin/ls) but also do some dangerous task such as set a setuid bit and chown root a file which could then be used to usurp a system. It's really not a good idea to include the CWD in any user's PATH but if you do choose to do it, make ./ the last entry in the PATH.
If it ain't broke, I can fix that.
0 Kudos
Reply
Todd McDaniel_1
Honored Contributor

‎07-12-2007 07:46 AM

‎07-12-2007 07:46 AM

Re: some question about running a unix command

I agree wholeheartedly.

As a new unix admin, you need to get used to using the full path for all purposes. It is good practice. For coding scripts you can create Variables inside the scripts to make them modular. so you can easily change them if the path to your executables change or you need to port the script to some other version of Unix where the command paths are different.

----------------------------------------
An additional advisory from me would also be to never code a command line in your crontab. always put any commands you want cron to execute in a script format, then put the script name in the crontab.

The crontab is a weak point and can be hacked... Never place ordinary unix commands in there. They could be hacked similarly to what they are warning you about regarding having ./ in your path.
Unix, the other white meat.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.