Re: egrep moved to /usr/sbin

To: debian-devel@lists.debian.org
Subject: Re: egrep moved to /usr/sbin
From: "H. S. Teoh" <hsteoh@quickfur.ath.cx>
Date: Mon, 6 Jan 2003 23:33:31 -0500
Message-id: <[🔎] 20030107043331.GA20969@crystal>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] E18ViX9-0002i0-00@gondolin.me.apana.org.au>
References: <[🔎] 20030106213821.GA17842@crystal> <[🔎] E18ViX9-0002i0-00@gondolin.me.apana.org.au>

On Tue, Jan 07, 2003 at 12:27:59PM +1100, Herbert Xu wrote:
> H. S. Teoh <hsteoh@quickfur.ath.cx> wrote:
> > 
> > How about this:
> > 
> > #!/bin/sh
> > PATH=/usr/bin:/bin:/usr/sbin:/sbin; export PATH
> > ...
> > grep ...
> > 
> > All shell scripts that run with root privileges ought not to trust preset
> > PATH variables, anyway.
> 
> This is stupid because we don't have setuid scripts.  You should not
> override the PATH at all.
[snip]

Actually, I agree that we shouldn't override PATH. The root user really
should be properly configured to have a sane path anyway. But this is in
response to the original objection about "unsafe" PATH settings. I was
just pointing out that paranoid sysadmins still have this option if they
decide the PATH from the environment cannot be trusted. But the point is,
there really aren't many good reasons (if at all) to hardcode paths to all
binaries. 

T

-- 
Always remember that you are unique. Just like everybody else. -- despair.com

Reply to:

References:
- Re: egrep moved to /usr/sbin
  - From: "H. S. Teoh" <hsteoh@quickfur.ath.cx>
- Re: egrep moved to /usr/sbin
  - From: Herbert Xu <herbert@gondor.apana.org.au>

Prev by Date: ITP: gucharmap -- Unicode character picker and font browser
Next by Date: Re: gcc 3.2 transition in unstable
Previous by thread: Re: egrep moved to /usr/sbin
Next by thread: Re: egrep moved to /usr/sbin
Index(es):
- Date
- Thread