[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#1041362: login: remove /bin and /sbin from default $PATH

Control: reassign -1 login.defs
Control: affects -1 openssh-server

On Mon, Aug 05, 2024 at 01:46:08AM +0200, Chris Hofstaedtler wrote:
> On Tue, Jul 18, 2023 at 12:04:17AM +0000, sr2k5m+f77yx29mu105s@cs.email wrote:
> > Please remove /bin and /sbin from ENV_SUPATH and ENV_PATH defined in /etc/login.defs because they are no longer necessary and only increase the length of $PATH.
> 
> I agree we should do this, but earliest in forky.

Adding openssh, as the PATH set for remote logins is set by sshd.

login.defs currently has:

ENV_SUPATH     PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
ENV_PATH       PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games

This is somewhat different from what openssh has in d/rules:

SUPERUSER_PATH := /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
DEFAULT_PATH := /usr/local/bin:/usr/bin:/bin:/usr/games

Looks like we should do some realignment on these values anyway.

Chris
Reply to: