$HOME/bin

[Matthew Garrett]

On Mon, Jul 13, 2009 at 10:48:35PM +0100, Richard W.M. Jones wrote:

> The same application could overwrite .bash_profile too.  Or it would
> be very contrived to imagine a security hole that lets you create
> ~/bin and place an arbitrary binary into ~/bin/bash, but doesn't let
> you overwrite .bash_profile.  So I don't think this is a security
> concern at all in the real world.

Realistically, the concern is more likely to be binaries accidently 
causing subtle breakage by colliding with the expected behaviour of 
system utilities.

-- 
Matthew Garrett | mjg59 at srcf.ucam.org