Why are Trojan horses that take advantage of misspellings so dangerous?
Sobell: Trojans that take advantage of misspellings are dangerous because everyone makes a typo now and then. For example, it is very easy to type sl instead of ls and, if the mistyped command displays the correct output, you may not notice that it installed a key logger or other mischievous program in the background. Using TAB-completion when you give commands can help by notifying you that there are multiple commands that start with the same letters. What’s a good way to stop that type of Trojan horse? Sobell: Check your PATH variable and make sure that there are no directories in PATH that a user other than Superuser can write to. (If an attacker can already write to the disk as Superuser, the system is probably already compromised.) With PATH set up properly, the only way this kind of Trojan can work is if you specify a pathname of a user-writable directory when you give a command, which you are not likely to do. When you use su to gain Superuser privileges, make sure to use su – (
