POSIX mandates that an empty dir in the PATH env variable (i.e. an
initial or terminal colon, or an empty entry "...::...") be treated as
meaning the current working dir, allowing to try to execute the
searched utility there.
This does mean that one user setting a PATH with variables:
PATH="/bin:/usr/bin:$MYSCRIPTS:/usr/pkg/bin"
if MYSCRIPTS is not defined, will end up including the current working
dir in his PATH, while it was not the intention.
The general rule of safety is doing:
PATH="/bin:/usr/bin:${MYSCRIPTS:-/not/existing}:/usr/pkg/bin"
but is there a pathname that is guaranteed not to exist?
Or is using "/dev/null" the choice? Or defining a special file in /dev
that will always have permissions as 0000? (and then what name? and
that will log what tried to access it.)
--
Thierry Laronde <tlaronde +AT+ kergis +dot+ com>
http://www.kergis.com/
http://kertex.kergis.com/
Key fingerprint = 0FF7 E906 FBAF FE95 FD89 250D 52B1 AE95 6006 F40C
