On Thu, Nov 01, 2007 at 03:15:47PM +0100, Florian Kulzer wrote:
> On Thu, Nov 01, 2007 at 06:31:22 -0700, David Fox wrote:
> > On Nov 1, 2007 5:49 AM, Florian Kulzer wrote:
> > >
> > > ~/.bash_profile does this by default nowadays:
> > >
> > > # set PATH so it includes user's private bin if it exists
> > > if [ -d ~/bin ] ; then
> > > PATH=~/bin:"${PATH}"
> > > fi
> > >
> >
> > That's not as secure as putting the ~/bin part at the end.
>
> There is already an open bug report about handling ~/bin:
>
> #379696: ~/bin handled incorrectly in .bashrc and .bash_profile
> (Outstanding bugs - Normal bugs; Unclassified)
>
> We could add the suggestion to put it at the end of $PATH instead of in
> front.
I was starting to do this, but then got to thinking about it. If a
user has bothered to install something in ~/bin, then presumably they
want to actually run that program. If they've installed a binary there
that has the same name as a system-wide binary, its a good bet that
they intend to run the local one, otheriwse, why put it there? Hence
it makes sense to put ~/bin on the front of $PATH.
The sensible solution is to not have group or world write permissions
on ~/bin. This is, to my mind, the proper way to do it. Just as /bin
is not group or world writeable, so should be ~/bin.
A
Attachment:
signature.asc
Description: Digital signature