User-level instance of /bin in PATH

[Nicolas Mailhot]

Le mercredi 27 juillet 2011 à 00:01 -0400, Braden McDaniel a écrit :

> Can someone explain (or point to) the rationale appending these to PATH
> rather than prepending them?  I would have expected user binaries to
> supersede system ones.

Security. You can do all kinds of mischief by overriding an (audited)
system command with a user-level command (even appending is IMHO
borderline dangerous till the usual infection/attack vectors, MUAs &
browsers have not been taught to triple-check and flag anything going
there)

-- 
Nicolas Mailhot