[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#36151: Clearing out old policy proposals

On Thu, Jun 21, 2001 at 07:44:59AM +1000, Herbert Xu wrote:
> Steve Greenland <stevegr@debian.org> wrote:
> > Bug #36151: etc/init.d scripts should specify an explicit PATH
> > Summary: init.d scripts shouldn't depend on having PATH set in a
> > useful manner -- they should explicitly set the PATH. Not much
> > discussion in the bug logs, and most of the flame^H^H^H^H^Hdiscussion
> > took place on debian-devel. Result inconclusive. Last few notes
> > in BTS are that it should be part of the coding guidelines, not 
> > policy
> > Discussion: No additional comments
> > Action: Retitle as "GUIDELINE" for future reminder.
> This proposal is backwards.  Not only should we not set PATH in /etc/init.d
> scripts, we should disallow packages from doing so (except for including
> extra directories).  The reason is that it does away with the whole point of
> the PATH variable, which is to allow the caller to override binaries.
> For example, if the script didn't set PATH, I could put /usr/local/sbin in
> front of it to override start-stop-daemon.  This simply isn't possible if
> PATH was set.

Correct solution to solve both issues:

  Scripts which use programs in a directory other than /usr/bin and
  /bin (and /usr/bin/X11?) should append that directory to the PATH
  environment bariable using a command such as the following to ensure
  that the program will be found:


  This ensures that the program will be found without losing the
  possibility that the user might wish to override the system binary
  by adding a local directory to the PATH.  Of course, if an
  application is intended to be secure, the PATH should be explicitly



         Julian Gilbey, Dept of Maths, Queen Mary, Univ. of London
       Debian GNU/Linux Developer,  see http://people.debian.org/~jdg
  Donate free food to the world's hungry: see http://www.thehungersite.com/

Reply to: