| Field | Value |
|---|---|
| Document Type | Troubleshooting |
| Category | Security |
| Applicable Product Versions | 6FS07PS, 7FS02PS |
| Document Number | TSETS002 |
Issue
In the Tibero operating environment on Linux-based operating systems, if `.` (the current directory) is placed at the very front of PATH when setting PATH in the .bash_profile file, security vulnerabilities such as command hijacking (masquerading) and privilege escalation (abuse of root privileges) may occur.
Cause
`.` represents the current directory and is used to make executing files in the current directory convenient. The `PATH=.:` setting causes executable files in the current directory to be executed first when commands are run in the terminal, which can lead to the following issues.
1. Possibility of External Attacks
   - If an attacker creates malicious command files named ls, cp, rm, etc., there is a risk that the malicious program is executed first when those commands are run in that directory.
2. Risk of Malicious Scripts Running with Root Privileges
   - If root or DB administrators execute scripts while their .bash_profile includes `.`, malicious scripts may run with root privileges.
Solutions
Adding `.` at the front of the PATH environment variable in .bash_profile exposes a security vulnerability; the bypass methods are as follows.
1. Remove . from .bash_profile PATH
   - To execute a file in the current directory, explicitly enter ./{executable filename}.
   - AS-IS :
     export PATH=.:$TB_HOME/bin:$TB_HOME/client/bin:$PATH
   - TO-BE :
     export PATH=$TB_HOME/bin:$TB_HOME/client/bin:$PATH
2. Move . to the end of PATH (Bypass Method)
   - `.` is moved to the end so that it is searched last in PATH. This is not a complete solution, because PATH is assembled in sequence from /etc/profile, the root account's environment variable files, and the normal account's environment variable files, but it can be used as a bypass.
   - AS-IS :
     export PATH=.:$TB_HOME/bin:$TB_HOME/client/bin
   - TO-BE :
     export PATH=$TB_HOME/bin:$TB_HOME/client/bin:.
3. AS-IS / TO-BE Examples

| Category | Setting example |
|---|---|
| AS-IS (Risk) | export PATH=.:$TB_HOME/bin:$TB_HOME/client/bin:$PATH |
| TO-BE (Recommended) | export PATH=$TB_HOME/bin:$TB_HOME/client/bin:$PATH |
| TO-BE (Bypass) | export PATH=$TB_HOME/bin:$TB_HOME/client/bin:$PATH:. |
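The following POSIX shell functions are an added example and are not part of this Tibero document. They audit a PATH value for current-directory entries and rebuild it in the recommended form with those entries removed. Besides the literal `.` described above, an empty PATH component (a leading, trailing or doubled colon) also means the current directory, so the audit flags both. The sample PATH and the /opt/tibero directory used in place of $TB_HOME are constructed placeholders.

```shell
#!/bin/sh
# Added example, not part of the Tibero document: audit a PATH string for
# current-directory entries and produce the recommended (TO-BE) form.

# Return 0 if the first PATH component is "." (the risky AS-IS form), else 1.
path_starts_with_dot() {
    case "$1" in
        .|.:*) return 0 ;;
        *)     return 1 ;;
    esac
}

# Print the 1-based positions of every component that resolves to the current
# directory: a literal "." or an empty field (an empty PATH field also means
# the current directory). Prints an empty line when there are none.
path_cwd_positions() {
    _rest="${1}:"   # trailing ':' so the last field is handled like the others
    _i=1
    _out=""
    while [ -n "$_rest" ]; do
        _field="${_rest%%:*}"
        _rest="${_rest#*:}"
        if [ "$_field" = "." ] || [ -z "$_field" ]; then
            _out="${_out}${_out:+ }${_i}"
        fi
        _i=$((_i + 1))
    done
    printf '%s\n' "$_out"
}

# Rebuild the PATH string without any current-directory component, i.e. the
# recommended TO-BE form; explicit ./name is then needed to run local files.
path_strip_cwd() {
    _rest="${1}:"
    _out=""
    while [ -n "$_rest" ]; do
        _field="${_rest%%:*}"
        _rest="${_rest#*:}"
        if [ "$_field" != "." ] && [ -n "$_field" ]; then
            _out="${_out}${_out:+:}${_field}"
        fi
    done
    printf '%s\n' "$_out"
}

# Constructed sample mirroring the document's AS-IS line, with $TB_HOME
# replaced by the placeholder /opt/tibero. In real use pass "$PATH" instead.
SAMPLE_AS_IS='.:/opt/tibero/bin:/opt/tibero/client/bin:/usr/local/bin:/usr/bin'

# Demonstration on the constructed sample.
if path_starts_with_dot "$SAMPLE_AS_IS"; then
    echo "risk: PATH starts with . (cwd positions: $(path_cwd_positions "$SAMPLE_AS_IS"))"
fi
echo "recommended: export PATH=$(path_strip_cwd "$SAMPLE_AS_IS")"
```

To check a live login shell, run the functions against `"$PATH"` after sourcing .bash_profile; a non-empty result from `path_cwd_positions` means the current directory is still somewhere in the search order, which catches the case noted in step 2 where a later environment file re-inserts `.`.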