|
|
Bob Proulx wrote:
> Chet Ramey wrote:
>> Villeneuve wrote:
>>
>>> Fix:
>>> Do not prepend system paths in front of PATH in the bashbug script.
>>> Instead, these default paths could be appended to PATH if necessary.
>> To do otherwise is a potential security hole.
>
> It seems okay to leave PATH alone to me. Why set it at all?
>
> I don't see the security issue that you are concerned about. Could
> you educate me?
I suppose it's not a large security hole if $EDITOR is used, only
when bashbug chooses $DEFEDITOR.
Frankly, though, it's a good idea to set PATH to have the standard
binary directories before any others when writing a shell script,
especially one that can be run by root. That's just good practice.
Chet
--
``The lyf so short, the craft so long to lerne.'' - Chaucer
Chet Ramey, ITS, CWRU chet@xxxxxxxx http://cnswww.cns.cwru.edu/~chet/
|
|