On Sun, 23 Feb 2003 00:52:22 +0200 (IST)
Matan Ziv-Av <[EMAIL PROTECTED]> wrote:
> On Sat, 22 Feb 2003, Oron Peled wrote:
>
> > Another related issue. I hope nobody uses '.' in their path
> > as root -- this is suicidal in terms of security.
>
> Only on systems which (might) have malicious users. Not relevant for
> home computers.

What I pointed out was a bad *habit* used by a person (computers don't
have habits yet ;-)

Even if we assume there is no security issue with a home system
(and some replies refuted this), the same user may later administer
a multiuser Linux server. He would almost certainly carry his
habits with him, as he is used to running 'foo' from the current
dir and having it work "automatically" without the need for
the "cumbersome" ./foo

As I pointed out, this habit has two negative effects:
  - For any user it has the potential to create confusion
    with builtins, aliases, functions, normal system commands.
    This was the case I was answering about.
  - I used the opportunity to warn about the dangers to root
    because I see in many places administrators who are
    unaware of it. Happily, Daniel replied that he doesn't
    put '.' in the path on his root account, so at least he is
    immune to the second issue (but not the first....)

You'll be amazed how many times people name a script/program without
being aware it is used by someone. Anybody who relies on his memory
is optimistic:

    ls `echo $PATH | sed 's/:/ /g'` | wc -l
    4164

Any hope to remember ~4k commands on this PATH so you don't use
any duplicates? And I didn't count shell builtins...

And don't you say "but '.' is first on my PATH". How many times do we
source scripts (e.g., in /etc/profile.d/) which rightfully contain
fragments like:

    PATH="/opt/foo/bin:$PATH"

Good habits are very important in a complex environment like Linux/Unix;
many of them encapsulate "best practices" learned over the years
the hard way (i.e., clashing with the results of doing it differently).

Phewwwuuu, what a thread. I didn't think it would be a hot topic.
----------------------------------------------------------------
Oron Peled Voice/Fax: +972-4-8228492
[EMAIL PROTECTED] http://www.actcom.co.il/~oron
Linux lasts longer!
-- "Kim J. Brand" <[EMAIL PROTECTED]>
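
An added example, not part of the original message: a POSIX shell audit for the two problems the post describes, PATH entries that resolve to the current directory and command names that exist in more than one PATH directory. The function names risky_path_entries and shadowed_commands and the sample PATH string are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit a PATH string.

# Print "position:entry" for every PATH entry that is searched relative to
# the current directory: '.', any other non-absolute entry, or an empty entry
# (a leading, trailing or doubled ':' also means the current directory).
risky_path_entries() {
    rest="$1:"                  # sentinel ':' so the last entry is examined
    pos=0
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        pos=$((pos + 1))
        case $entry in
            /*) ;;                              # absolute: fine
            '') echo "$pos:<empty>" ;;
            *)  echo "$pos:$entry" ;;
        esac
    done
}

# Print "name: dir1 dir2 ..." for every executable name found in more than
# one PATH directory; dir1 is the one the shell actually runs.
shadowed_commands() {
    rest="$1:"
    while [ -n "$rest" ]; do
        dir=${rest%%:*}
        rest=${rest#*:}
        [ -n "$dir" ] || dir=.
        for f in "$dir"/*; do
            if [ -f "$f" ] && [ -x "$f" ]; then
                printf '%s\t%s\n' "${f##*/}" "$dir"
            fi
        done
    done | awk -F'\t' '{ n[$1]++; d[$1] = d[$1] " " $2 }
        END { for (c in n) if (n[c] > 1) print c ":" d[c] }' | sort
}

# Constructed sample: a profile.d-style prepend has pushed '.' to second
# place, and a trailing ':' adds an empty entry.
risky_path_entries "/opt/foo/bin:.:/usr/bin:/bin:"
# Name clashes on the PATH of the shell running this script.
shadowed_commands "$PATH"
```

On systems where /bin is a symlink to /usr/bin, every command in it is reported twice; those lines are not real clashes.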