Current directory in startup PATH (UNIX)

Module: Startup Files

This check examines the contents of the rc scripts and warns of any that set the PATH variable to include the current directory (with "." or "::" commands). This check examines the same scripts as the System startup file contents check does. Use that check's file list to exclude system startup files for this check. Specify full path names in the file list.

The following table lists the error message for the check.

Table: Error message for Current directory in startup PATH

Message String ID and Category	Platform and Message Numeric ID	Message Title and Description	Additional Information
String ID: STKU_CURR_DIR_IN_PATH Category: Policy Compliance	UNIX (5867)	Title: Current directory command in PATH variable Description:The named startup file sets the PATH variable to include the current directory (with a . or :: command). This can lead to problems when the system is compromised and someone is able to put replacements for commonly-used programs (trojan horses) in directories where services are run. You should remove all current directory commands from PATH variables.	Severity: yellow-1 Correctable: false Snapshot Updatable: false Template Updatable: false Information Field Format: [Line: %s; line num: %s]

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information

String ID: STKU_CURR_DIR_IN_PATH

Category: Policy Compliance

UNIX (5867)

Title: Current directory command in PATH variable

Description:The named startup file sets the PATH variable to include the current directory (with a . or :: command). This can lead to problems when the system is compromised and someone is able to put replacements for commonly-used programs (trojan horses) in directories where services are run. You should remove all current directory commands from PATH variables.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [Line: %s; line num: %s]