Re: Trivial script will NOT execute
On Mon 07 Nov 2016 at 07:59:25 (-0500), Greg Wooledge wrote:
> On Sat, Nov 05, 2016 at 10:42:46AM -0500, David Wright wrote:
> > The current working directory is included here three times???at the
> > beginning, middle and end.
> >
> > :/usr/bin::/bin:.
>
> Including the current directory in one's PATH (either by using "."
> explicitly, or by using an empty string) is considered a bad practice.
> It opens you up to certain exploits by malicious users.
Yes, thanks for reinforcing the point I made in my previous paragraph.
While many people are aware that inserting . in ones PATH is bad
practice, far fewer seem to be aware that an extra : is just as bad
because of the same effect.
> > One other point. I see you use spaces in your filenames. Regardless of
> > this, you should quote your strings in such as FILENAME=$F$N$E
>
> In a simple assignment like that, you don't need to quote. Word
> splitting and pathname expansion are not performed, for legacy
> reasons. However, quoting doesn't hurt.
>
> http://mywiki.wooledge.org/Quotes
Let us hope that the OP (to whow my comment was personally directed)
reads your pages and the many excellent ones that accompany it.
Your rule of thumb might be a good practice for the OP to follow:
"The basic rule of thumb is that you should double-quote every
expansion. [...] When in doubt, quote it."
I think that '''
That's not a mere 'scary' thought, it is a *TERRIFYING* thought :<
"Why?" you may ask. " 'cause it implies an intrinsic failure of *nix documentation."
''' is a good indication of doubt on the part of the OP.
Cheers,
David.
Reply to: