On Wed, 1 Jun 2005, Brock Noland wrote: > When running script which is not in my path I have always used > ./script_name. However at my current job most people are used not > having to use the ./. My question is how do you get scripts to run > WITHOUT the ./? That's because they have the current directory in the path. THIS IS A HUGE SECURITY VULNERABILITY and you should never, EVER do it. Keep using the ./script. It's MUCH better than compromising security on your box. I cannot stress this enough: do NOT add Current Directory to the path. Here's why this is important. One method of cracking a machine is replacing commonly run programs with trojan versions of the same program. It might be hard to replace /bin/ls, but NOT that hard to drop your trojan 'ls' program in many different directories. /tmp, for example, is always world-writable. So lets say I put a trojan version of ls, cp, mv, ssh or whatever in /tmp. And then you cd to /tmp and execute one of these programs. If Current Directory is in your path, you've just run one of my trojans. So, once again. DON'T DO IT. -Yaron --