Web lists-archives.com

Re: Why debian put ~/bin beginning of $PATH





On 08/08/2017 04:56 PM, spp mg wrote:
> 2017-08-09 4:04 GMT+08:00 Michael Lange <klappnase@xxxxxxxxxx>:
>> Hi,
>>
>> On Wed, 9 Aug 2017 03:11:48 +0800
>> spp mg <sm.sppmg@xxxxxxxxx> wrote:
>>
>>> Hi all
>>>
>>> In the ~/.profile has below default setting:
>>>
>>> --------------
>>> # set PATH so it includes user's private bin if it exists
>>> if [ -d "$HOME/bin" ] ; then
>>>      PATH="$HOME/bin:$PATH"
>>> fi
>>> --------------
>>>
>>> Why put ~/bin beginning ? Is that dangerous ?
>> like other people already pointed out there shouldn't be anything
>> dangerous about this.
>> One possible use case is for example that you could put there a
>> minimal script that temporarily overrides some environment variable, like
>> one I have here which reads:
>>
>> #!/bin/bash
>> GTK_IM_MODULE=gtk /usr/bin/poedit $@
>> exit $?
>>
>> This way I can conveniently call "poedit <filename>" with the desired
>> setting of GTK_IM_MODULE without either having to type the whole thing
>> each time or else having to permanently change GTK_IM_MODULE's setting
>> (the default value of which I modified for other reasons).
>>
>> Best regards
>>
>> Michael
>>
>> .-.. .. ...- .   .-.. --- -. --.   .- -. -..   .--. .-. --- ... .--. . .-.
>>
>> Fascinating, a totally parochial attitude.
>>                  -- Spock, "Metamorphosis", stardate 3219.8
>>
> Thinks to reply (very fast :D)
>
> I think it's may dangerous because generally system command should be
> highter older then user's command.
User's command is usually stored in "/usr/local/bin". It should be 
placed before "/bin" in the $PATH.

And it does in my Debian Stretch.

echo $PATH
/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games

> For example , some guy put a "rm" but named "ls" to ~/bin . This "ls"
> can be virus or ransomware , user may not know it's not which he
> want("ls").
If someone replace "ls" with "rm", you cannot prevent this by trying to 
put "/bin" at the end of $PATH.

$PATH is used to search executable file. At the head of $PATH is with 
high priority.

If there are two "ls" in different places(one /bin, one /usr/bin) of 
$PATH. It causes different effects(which ls will be executed) whether or 
not you put "/bin" at the end of $PATH
> So I think put ~/bin to tail of $PATH has better security for normal user.
>
> For me, I will avoid use same name with exist command, and for user
> who want use same name , I believe he know or will learn how to modify
> $PATH.
>
>
> I mean , put ~/bin in tail of $PATH will batter for default setting,
> so does developer has another reason to put to beginning ?
>

-- 

-----------------------
My best regards to you.

      No System Is Safe!
      Dongliang Mu