Adding ~/.local/bin to default PATH

[Bernd Stramm]

On Thu, 28 Jul 2011 15:34:34 +0200
Marian Ganisin <mganisin at redhat.com> wrote:

> On Wed, Jul 27, 2011 at 10:36:08AM -0400, Bernd Stramm wrote:
> > > c) there's a spec about ~/.local/bin already accepted by a
> > > friendly project
> > 
> > This is STILL a security risk, even if somebody calls it a standard.
> 
> This is STILL a claim without any proof, even if somebody repeats it
> every time.

You need proof that putting executables in hidden directories makes it
easier to do phishing? 

> 
> Does everybody calling this "security risk" check periodically his
> $PATH for a dot? (what does $PATH contain? don't look at it before
> answering) Are you periodically checking your ~/bin (do you know
> what's inside without looking there right now)? Are you periodically
> checking your ~/.bash* startup files for suspicious aliases and
> functions, includes?

It creates more work for those who look in ~/bin. They now have to
also look in a hidden directory.

In addition to that, we now have precedence that a simple yum update
changes where you have to look in your path inside $HOME. That is bad.

Aside from that, adding more elements to $PATH makes things more messy,
not cleaner. It slows things down. It creates more work for
maintenance. For what benefit?

-- 
Bernd Stramm
bernd.stramm at gmail.com