[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#210243: ITP: xspringies -- Interactive 2D mass/spring simulation system for X

On Mon, Sep 15, 2003 at 03:47:42PM +0100, Steve Kemp wrote:

> On Mon, Sep 15, 2003 at 10:45:48AM -0400, Matt Zimmerman wrote:
> > > +#define COMPRESS	"/bin/gzip"
> > > +#define UNCOMPRESS	"/bin/gunzip -c"
> > I've never been a proponent of hardcoding paths to programs.  This will
> > immediately make the program non-portable to basically any non-GNU type
> > system, and doesn't provide any significant benefit (/bin is in PATH).
>   I'm not terribly keen on it myself, but I do think that it's safer
>  than trusting a potentially malicious $PATH setting.

$PATH is almost always trusted; the exception is setuid programs which
should sanitize PATH.  xspringies is not setuid, is it?

 - mdz

Reply to: