On 2.5.2018 15:30, Stephen Gallagher wrote:
Does anyone see a reason not to prioritize ~/.local/bin over /usr/bin?Yes, if a user's account is compromised (or any service running as them), it's REALLY easy to drop faked tools into a user-private directory and override critical system tools (like replacing 'bash' with a keylogger).
If user's account is compromised, user's PATH can be changed. IMHO the provided argument is not valid.
-- Miro Hrončok -- Phone: +420777974800 IRC: mhroncok _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
