Gerfried Fuchs wrote: > Philip Muskovac <yo...@gmx.net>: >> It currently adds ~/bin to the start of $PATH, which has been brought up >> as a bit of a security issue. It should add that path to the end of the >> $PATH variable, not the beginning. > > Actually I fail to see the security impact of this. If a user creates > the bin directory themself and put stuff in there themself then it's on > their own intention, not? I really fail to see the security part of the > issue. Actually it makes sense to have ~/bin first in PATH to be able to > override system tools intentionally.
Just as a point of information: outside the UNIX world, the English noun "bin" means a container, usually with a lid; it's also, especially in British English, a verb meaning "throw in a rubbish bin" (US "trashcan", but compare Microsoft's "Recycle Bin"). If as an innocent newcomer to GNU/Linux I sort a set of downloaded scripts into one directory called "keep" and another called "bin", that doesn't necessarily mean I intend the second set to receive a privileged position on my $PATH - on the contrary, it may mean I think they look suspicious and intend to throw them away. Malice isn't the only thing we need security against; the reason I keep ~/bin at the *end* of my $PATH is for protection against my own foolish mistakes. Long ago I wrote myself a Perlscript called ~/bin/deluser... so when a dist-upgrade introduced a system executable of the same name and postrms started calling the wrong one, I was thoroughly de-lusered. -- JBR A long time ago this practice was followed, especially in the upper classes, but today even the children of the lower classes perform no executions, and this is extreme negligence. -- _Hagakure_ (1716), Yamamoto Tsunetomo -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org