[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: /etc/init.d scripts WAS: Re: start-stop-daemon on Debian (fwd)

On Sun, 18 Apr 1999, Raul Miller wrote:
> > In general it's safer to fully specify root's $PATH rather than trust
> > what was inherited from the parent.

Brock Rozen <brozen@torah.org> wrote:
> And this policy changes what? 

There's several policies I've seen proposed: one specifying that root's
$PATH should have certain elements (good, in my opinion), another
specifying that root's $PATH must be altered by appending new elements
(bad, in my opinion).

I think that the append mechanism is bad because there are a number of
contexts where this isn't the best solution.

> The parents PATH would be inherited anyhow, wouldn't it? So we're
> doing what to it that reduces security?

Consider su -c /etc/init.d/blah

In another message:
> > Then again, I think Brock should also consider using env.

Brock Rozen <brozen@torah.org> wrote:
> My particular problem was solved by using a ~/.ssh/environment file on
> the target machine,

Yes, I saw that after I posted the above sentence, and I agree that
this is a better solution to your problem.

-- 
Raul
Reply to: