May 2007
Beginner
628 pages
15h 46m
English
You need to make sure that there are no malicious aliases in your environment for security reasons.
Use the \unalias-a command
to unalias any existing aliases.
If an attacker can trick root or even another user into running a command, they will be able to gain access to data or privileges they shouldn’t have. One way to trick another user into running a malicious program is to create an alias to some other common program (e.g., ls).
The leading \, which suppresses alias expansion, is very important because without it you can do evil things like this:
$ alias unalias=echo $ alias builtin=ls $ builtin unalias vi ls: unalias: No such file or directory ls: vi: No such file or directory $ unalias -a -a
Read now
Unlock full access