Dangerous $PATH
Lekensteyn opened this issue · 3 comments
Lekensteyn commented
Your path is currently set to something like `.:~/bin:/bin/usr/bin:$PATH`. Some notes on it:
- When running a program, the program will be searched from left to right
- Including relative directories (and especially the current directory) is insecure. Assume someone sends you a tarball which you extract, cd into and then run `ls` while the tarball has a `ls` file too
- It would make more sense to use `~/bin:/usr/local/{s,}bin:/usr/{s,}bin:/{s,}bin:$PATH` (apply expansion before setting it) according to `man hier`
pjg commented
Good point! I only don't understand one thing: "apply expansion before setting it" -- what should I do exactly before setting my `PATH` to the above? If it's about `~` I'd rather have it like this as I'm using this `.bash_profile` both for `root` and local user.
Lekensteyn commented
Well, I was too lazy to write out `/{s,}bin` to `/sbin:/bin`, that's what I meant by expanding.
pjg commented
Ah! Applying :)
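
As an added example (not part of the original thread): a POSIX shell check for the problem raised above, listing every `PATH` entry that the shell would resolve against the current directory. It goes slightly beyond the thread by also flagging empty entries (a leading, trailing or doubled `:`), which POSIX treats as the current directory; the function name `audit_path` and the sample values are constructed for illustration.

```shell
#!/bin/sh
# audit_path PATHSTRING
# Prints "<position>: <entry> (<reason>)" for each entry that is not an
# absolute directory. Exit status is 0 when every entry is absolute, 1 otherwise.
# The body runs in a subshell so its variables do not leak into the caller.
audit_path() (
    rest="$1:"      # terminate every entry with ':' so trailing empties are seen
    pos=0
    bad=0
    while [ -n "$rest" ]; do
        entry=${rest%%:*}   # text before the first ':'
        rest=${rest#*:}     # text after the first ':'
        pos=$((pos + 1))
        case $entry in
            '')
                # Zero-length entry: searched as the current directory.
                printf '%s: <empty> (current directory)\n' "$pos"
                bad=1 ;;
            /*)
                ;;          # absolute path, nothing to report
            *)
                # ".", "bin", "../tools", or a literal unexpanded "~/bin"
                printf '%s: %s (relative)\n' "$pos" "$entry"
                bad=1 ;;
        esac
    done
    [ "$bad" -eq 0 ]
)

# Constructed sample modelled on the PATH quoted in the issue.
SAMPLE='.:/home/user/bin::/usr/bin:bin'

# The layout suggested in the issue with /{s,}bin written out by hand
# (/home/user is a constructed stand-in for ~).
SUGGESTED='/home/user/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'

echo "Sample:"
audit_path "$SAMPLE" || echo "-> unsafe entries found"
echo "Suggested:"
audit_path "$SUGGESTED" && echo "-> all entries absolute"
```

Running `audit_path "$PATH"` at the end of `.bash_profile` reports the same findings for the value actually in effect.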