
Re: [Groff] moving TOC to start


From: Keith MARSHALL
Subject: Re: [Groff] moving TOC to start
Date: Fri, 30 Sep 2005 09:29:21 +0100

Tadziu Hoffman wrote:
> Assume that you (an unsuspecting groff user) want to format a
> document downloaded from the internet for printing, but the
> roff-file has unfortunately been modified by some malicious
> prankster to write a shell script called "ls" to your personal
> "bin" directory (which is included in your PATH *before* /bin)
> and the next time you execute ls...  well, you get the idea.
> (I'm ignoring things like the permission bits here, but you can
> instead append to a file that already has execute permission.)
>
> Furthermore, "-U" does not only allow "extended functionality",
> but omitting "-U" also gives you "reduced functionality" by
> disabling the ".sy" request that allows executing arbitrary
> programs in your name.

Thanks for this explanation, (and also thanks to Mike Bianchi
for a similar one).  Of course, I get the point now.

Never having actually used `.sy' and friends, I simply hadn't
considered the possible security implications it may introduce,
when coupled with the ability to write arbitrarily named files;
(makes note: put brain in gear before rushing to type).

BTW, I *never* have *any* user writeable directory before the
system binary directories, in *my* PATH;  but, I guess it would
be naive to expect everybody to follow that piece of simple
security advice.

Regards,
Keith.
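
The PATH advice in the message above can be checked mechanically. The following is an added example, not part of the original message or of groff: `path_audit`, `is_system_dir` and `SYSTEM_BIN_DIRS` are names chosen here, and the list of system binary directories is an assumption to adjust for the local system.

```shell
#!/bin/sh
# Added example: report PATH entries that the current user can write to and
# that are searched before the first system binary directory. A file dropped
# into such a directory (for instance an "ls" written by a document formatted
# in groff's unsafe mode) would shadow the real command.

# Assumption: these are the system binary directories on this machine.
SYSTEM_BIN_DIRS="/bin /usr/bin /sbin /usr/sbin"

is_system_dir() {
    for sysdir in $SYSTEM_BIN_DIRS; do
        [ "$1" = "$sysdir" ] && return 0
    done
    return 1
}

# Usage: path_audit "$PATH"
# Prints one risky entry per line; returns 1 if any were found, 0 otherwise.
path_audit() {
    remaining="$1:"
    found=0
    while [ -n "$remaining" ]; do
        entry="${remaining%%:*}"
        remaining="${remaining#*:}"
        # Normalise "/bin/" to "/bin" so the comparison below matches.
        case "$entry" in
            /) ;;
            */) entry="${entry%/}" ;;
        esac
        # Entries after the first system directory cannot shadow it.
        if is_system_dir "$entry"; then
            break
        fi
        case "$entry" in
            "" | .)   # an empty entry means the current directory
                echo "(current directory)"; found=1 ;;
            /*)
                if [ -d "$entry" ] && [ -w "$entry" ]; then
                    echo "$entry"; found=1
                fi ;;
            *)        # relative entries depend on the working directory
                echo "$entry (relative)"; found=1 ;;
        esac
    done
    return "$found"
}
```

Run it as `path_audit "$PATH"`. It only tests directories that already exist, so an entry that is missing but could be created by the user is not reported.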



