On Thu, Nov 01, 2007 at 03:15:47PM +0100, Florian Kulzer wrote:
> On Thu, Nov 01, 2007 at 06:31:22 -0700, David Fox wrote:
> > On Nov 1, 2007 5:49 AM, Florian Kulzer wrote:
> > >
> > > ~/.bash_profile does this by default nowadays:
> > >
> > > # set PATH so it includes user's private bin if it exists
> > > if [ -d ~/bin ] ; then
> > > PATH=~/bin:"${PATH}"
> > > fi
> > >
> >
> > That's not as secure as putting the ~/bin part at the end.
>
> There is already an open bug report about handling ~/bin:
>
> #379696: ~/bin handled incorrectly in .bashrc and .bash_profile
> (Outstanding bugs - Normal bugs; Unclassified)
>
> We could add the suggestion to put it at the end of $PATH instead of in
> front.I was starting to do this, but then got to thinking about it. If a user has bothered to install something in ~/bin, then presumably they want to actually run that program. If they've installed a binary there that has the same name as a system-wide binary, its a good bet that they intend to run the local one, otheriwse, why put it there? Hence it makes sense to put ~/bin on the front of $PATH. The sensible solution is to not have group or world write permissions on ~/bin. This is, to my mind, the proper way to do it. Just as /bin is not group or world writeable, so should be ~/bin. A
signature.asc
Description: Digital signature
