Slackware PATH Environment Variable Vulnerability

Slackware PATH Environment Variable Vulnerability

Slackware Linux uses an insecure PATH environment variable. It has been reported that the root users PATH variable contains an entry for the current working directory '.' as well as the '/usr/andrew/bin' directory. These entries pose a security threat, as it may be possible for an attacker to construct malicious executables, using the names of commonly used system commands, in a commonly used directory or the '/usr/andrew/bin' directory.