Gerfried Fuchs wrote:
> Philip Muskovac <yo...@gmx.net>:
>> It currently adds ~/bin to the start of $PATH, which has been brought up
>> as a bit of a security issue. It should add that path to the end of the
>> $PATH variable, not the beginning.
> 
> Actually I fail to see the security impact of this. If a user creates
> the bin directory themself and puts stuff in there themself then it's on
> their own intention, not? I really fail to see the security part of the
> issue. Actually it makes sense to have ~/bin first in PATH to be able to
> override system tools intentionally.

Just as a point of information: outside the UNIX world, the English
noun "bin" means a container, usually with a lid; it's also,
especially in British English, a verb meaning "throw in a rubbish
bin" (US "trashcan", but compare Microsoft's "Recycle Bin").

If as an innocent newcomer to GNU/Linux I sort a set of downloaded
scripts into one directory called "keep" and another called "bin",
that doesn't necessarily mean I intend the second set to receive a
privileged position on my $PATH - on the contrary, it may mean I
think they look suspicious and intend to throw them away.

Malice isn't the only thing we need security against; the reason I
keep ~/bin at the *end* of my $PATH is for protection against my own
foolish mistakes.  Long ago I wrote myself a Perl script called
~/bin/deluser... so when a dist-upgrade introduced a system
executable of the same name and postrms started calling the wrong
one, I was thoroughly de-lusered.
-- 
JBR  A long time ago this practice was followed, especially in the
     upper classes, but today even the children of the lower classes
     perform no executions, and this is extreme negligence.
                            -- _Hagakure_ (1716), Yamamoto Tsunetomo
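
The deluser collision described in this message can be found ahead of time by walking $PATH in order and reporting every executable name that an earlier directory hides. The following is an added example, not code from this thread or from any Debian package; the function name `path_shadows` is hypothetical.

```shell
# Added example: report commands that an earlier $PATH entry shadows.
# Usage: path_shadows "$PATH"
# Prints one line per collision: name<TAB>winning file<TAB>shadowed file
path_shadows() {
    seen=$(mktemp) || return 1
    # Walk the PATH entries in lookup order, one per line.
    printf '%s\n' "$1" | tr ':' '\n' | while IFS= read -r dir; do
        [ -n "$dir" ] || dir=.          # an empty entry means the current directory
        [ -d "$dir" ] || continue
        for f in "$dir"/*; do
            [ -f "$f" ] && [ -x "$f" ] || continue
            name=${f##*/}
            # Look up whether an earlier directory already provided this name.
            win=$(NAME="$name" awk -F'\t' '$1 == ENVIRON["NAME"] { print $2; exit }' "$seen")
            if [ -z "$win" ]; then
                printf '%s\t%s\n' "$name" "$f" >> "$seen"
            elif [ ! "$win" -ef "$f" ]; then
                # Different file, same name: the earlier one is what gets run.
                printf '%s\t%s\t%s\n' "$name" "$win" "$f"
            fi
        done
    done
    rm -f "$seen"
}
```

With ~/bin first on $PATH, any line whose winning file is under ~/bin names a system tool that maintainer scripts and other callers resolving by name will no longer reach.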


