On Tuesday 03 July 2007 18:03, Mike McCarty wrote: > Brian Beesley wrote: > > Either add . to the PATH environmental > > variable or > > BAD idea.
I didn't say it was good! One theoretical problem is that e.g. a rogue web page might create a file in the CWD, somehow give it execute privilege then arrange to have it execute (arbitrary code). The secure workaround is to have mprime execute as a dummy user (with no logon privilege); start & stop the mprime process from the system rc scripts. Now the mprime user won't be running anything other than mprime, and having . in PATH for a non-login user isn't an issue. > > > put a copy of mprime somewhere on the path( ~/bin is a good choice) or > > invoke > > Much better idea. However, not all distributions put ~/bin into the PATH > variable by default. I believe that Debian does not, for example. Fixable. Though you might need to create ~/bin as well. > /usr/local/bin is another reasonable place. Except you _should_ need root privilege to write files there, and you shouldn't be running mprime as root. Regards Brian Beesley _______________________________________________ Prime mailing list [email protected] http://hogranch.com/mailman/listinfo/prime
