On Sun, 18 Apr 1999, Raul Miller wrote: > I think that the append mechanism is bad because there are a number of > contexts where this isn't the best solution. > > > The parents PATH would be inherited anyhow, wouldn't it? So we're > > doing what to it that reduces security? > > Consider su -c /etc/init.d/blah
And if the PATH wasn't appended, how would su -c /etc/init.d/blah be any different, except that it may not run? If that's desired behavior, because we want to force users to not be able to issue commands like that (even if they so desire) then that's one thing. OTOH, it's not only a matter of root's PATH being changed like everyone is making it out to be. The above su command is a good example of another case where the proper PATH might not be available unless the script appends what it needs. -- Brock Rozen [EMAIL PROTECTED] Director of Technical Services (410)358-9800 Project Genesis http://www.torah.org/
