Less' is more to malware authors targeting Linux users


Userlevel 7
By Lucian Constantin
 
Using the "less" Linux command to view the contents of files downloaded from the Internet is a dangerous operation that can lead to remote code execution, according to a security researcher.
 
At first glance, less appears to be a harmless command that outputs a file's content to a terminal window and allows the users to navigate forward and backward through it. Less does not allow file editing, which is a job for file editors like the widely used vi, but has the benefit of displaying data on the fly without needing to load an entire file into memory. This is useful when dealing with large files.
 
 
full article
 

0 replies

Be the first to reply!

Reply

    Cookie policy

    We use cookies to enhance and personalize your experience. If you accept or continue browsing you agree to our cookie policy. Learn more about our cookies.

    Accept cookies Cookie settings