On 2017-06-19 at 11:59, Henrique de Moraes Holschuh wrote: > On Mon, 19 Jun 2017, Greg Wooledge wrote: > >> You appear to be claiming that putting ~/bin in PATH is somehow >> inherently unsafe. I don't agree. Under what conditions would >> this result in any kind of privilege escalation? > > The OP was complaining that ~/bin was being *prepended* to PATH, > instead of appended. > > When you prepend ~/bin to PATH, it allows one to have a shell script > such as ~/bin/sudo that will be run instead of the system's sudo. > Then, some use of social engineering might get an admin or some other > user to type in a password to run a command using su or sudo. > > That said, no, it is not usually considered a security > vulnerability, because NOT using the full path to run commands such > as "su" and "sudo" in the first place IS considered gross > negligence. > > So, train your fingers! There is no "su", it *is* /bin/su. And > there is no "sudo", it *is* /usr/bin/sudo. Never trust aliases, > PATH, or anything of the like for this stuff. Wouldn't that seem to be an argument against installing the real su, sudo, and so forth, _anywhere_ in $PATH? If running them in any other way than with the full explicit path is such bad security practice, then why do we install them in such a way as to facilitate doing so? -- The Wanderer The reasonable man adapts himself to the world; the unreasonable one persists in trying to adapt the world to himself. Therefore all progress depends on the unreasonable man. -- George Bernard Shaw
Attachment:
signature.asc
Description: OpenPGP digital signature