Hi, Just kept looking for info on this, and found an old post on gnu.bash.bug regarding this, where you (Chet) replied saying that this is how $PATH should work. Do you have anything mentioning why that is the case? It seems like a big security risk, seeing as scripts can insert things into the path and this kind of situation can arise pretty easily without the operator knowing it.
At any rate, feel free to reject the bug - sorry I didn't find these posts earlier. -Asten On 10/16/05, Asten Rathbun <[EMAIL PROTECTED]> wrote: > Hi, > > Unfortunately I have a slack distro that doesn't include bashbug and > was having issues getting it compiled right, so please accept this bug > report... this confounded me for awhlie > > > ----The version number and release status of Bash > > [EMAIL PROTECTED]:/usr/local/www/bin# bash --version > GNU bash, version 3.00.15(2)-release (i486-slackware-linux-gnu) > Copyright (C) 2004 Free Software Foundation, Inc. > > > ----The machine and OS that it is running on: > Slackware, i686-pc-linux-gnu) > > A list of the compilation flags or the contents of `config.h', if appropriate > N/A > > ---A description of the bug > I noticed that I was able to run executables that shouldn't have been > in my path while in the directory as root. This is akin to having the > "." directory in Root's path - a well-known no-no. However, the PATH > variable did *NOT* include ".". In setting the path, two : > separators were left next to each other. Removing the extra : removes > the effect. > > ---A recipe for recreating the bug reliably > > (Notice extraneous : after /sbin) > > [EMAIL PROTECTED]:/usr/local/www/bin# echo $PATH > /usr/local/sbin:/usr/sbin:/sbin::/usr/local/mysql/bin:/usr/local/bin:/usr/bin:/bin:/usr/X11R6/bin:/usr/lib/java/bin:/usr/lib/java/jre/bin > [EMAIL PROTECTED]:/usr/local/www/bin# apachectl > Usage: /usr/local/www/bin/httpd [-D name] [-d directory] [-f file] > [-C "directive"] [-c "directive"] > [-k start|restart|graceful|stop] > [-v] [-V] [-h] [-l] [-L] [-t] [-S] > <snip> > [EMAIL PROTECTED]:/usr/local/www/bin# > PATH=/usr/local/sbin:/usr/sbin/sbin:/usr/local/mysql/bin:/usr/local/bin:/usr/bin:/bin:/usr/X11R6/bin:/usr/lib/java/bin:/usr/lib/java/jre/bin > [EMAIL PROTECTED]:/usr/local/www/bin# apachectrl > -bash: apachectrl: command not found > > > ----A fix for the bug if you have one! > Sorry, no fix. > > _______________________________________________ Bug-bash mailing list Bug-bash@gnu.org http://lists.gnu.org/mailman/listinfo/bug-bash
