$HOME/bin
Matthew Garrett
mjg at redhat.com
Tue Jul 14 02:34:02 UTC 2009
On Mon, Jul 13, 2009 at 10:48:35PM +0100, Richard W.M. Jones wrote:
> The same application could overwrite .bash_profile too. Or it would
> be very contrived to imagine a security hole that lets you create
> ~/bin and place an arbitrary binary into ~/bin/bash, but doesn't let
> you overwrite .bash_profile. So I don't think this is a security
> concern at all in the real world.
Realistically, the concern is more likely to be binaries accidently
causing subtle breakage by colliding with the expected behaviour of
system utilities.
--
Matthew Garrett | mjg59 at srcf.ucam.org
More information about the devel
mailing list