User-level instance of /bin in PATH
Nicolas Mailhot
nicolas.mailhot at laposte.net
Wed Jul 27 07:11:07 UTC 2011
Le mercredi 27 juillet 2011 à 00:01 -0400, Braden McDaniel a écrit :
> Can someone explain (or point to) the rationale appending these to PATH
> rather than prepending them? I would have expected user binaries to
> supersede system ones.
Security. You can do all kinds of mischief by overriding an (audited)
system command with a user-level command (even appending is IMHO
borderline dangerous till the usual infection/attack vectors, MUAs &
browsers have not been taught to triple-check and flag anything going
there)
--
Nicolas Mailhot
More information about the devel
mailing list