[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Dangerous to have ~/bin first in $PATH [was Re: Odd Path issue]

On Sat, Sep 28, 2002 at 08:27:23AM +0100, Colin Watson wrote:
> I disagree that this is a security risk. I want to override
> system-provided executables, hence ~/bin is at the start of my $PATH. If
> my user account gets hacked into, all bets are off; it's pointless to
> worry about what somebody might put in ~/bin when they could just do
> whatever it was directly, modify my .bashrc, or whatever!
> I think a more sensible rule is to only put directories in $PATH that
> are at least as trusted as the relevant account. Thus, /usr/bin and so
> on are always fine, ~/bin is only fine for the owning user, and . is
> never a good idea.

My mistake - I mixed up ~/bin with . . Thanks for the correction.


Reply to: