Re: egrep moved to /usr/sbin

["H. S. Teoh" <hsteoh@quickfur.ath.cx>]

On Mon, Jan 06, 2003 at 01:18:51PM -0700, Eric Schwartz wrote:
[snip]
> Not so; it prevents a potential security problem from users who have
> insecure PATH settings. 

How about this:

#!/bin/sh
PATH=/usr/bin:/bin:/usr/sbin:/sbin; export PATH
...
grep ...


All shell scripts that run with root privileges ought not to trust preset
PATH variables, anyway.

> By hardcoding the locations of binaries, you prevent them from screwing
> themselves up that way. 

No, hardcoding binaries is ugly and nonportable. It's probably OK for
local scripts, but not for scripts shipped by Debian. The script should
set its own PATH variable if it doesn't trust what it inherited from the
environment.

> Also, you can prevent aliases from screwing up your program's output:
> I've found numerous bugs in shell scripts that were caused by my
> aliasing ls to 'ls -FCs', and fixed by forcing ls to /bin/ls. 

They can be de-aliased with a backslash (at least on bash and tcsh, YMMV):

bash-2.05b$ alias ls='echo BAH'
bash-2.05b$ ls
BAH
bash-2.05b$ \ls
bin  mail
bash-2.05b$


T

-- 
Many open minds should be closed for repairs. -- K5 user