$HOME/.local/bin in $PATH

Miloslav Trma─Ź mitr at volny.cz
Fri Nov 1 19:55:21 UTC 2013


On Fri, Nov 1, 2013 at 7:12 PM, Andrew Haley <aph at redhat.com> wrote:
> On 11/01/2013 09:38 AM, drago01 wrote:
>> The attacker needs to be able to write to your home directory to
>> take advantage of it.  And if he can do that (you lost) he has
>> numerous other ways of doing it.
>
> That is true.  However, there is an advantage to this one for the
> attacker: the user probably doesn't know it's there.

I don't think this in practice matters _for security_[1]: Even the
users that know ~/bin exists are extremely unlikely to be regularly
checking its contents to see whether a malicious file hasn't been
added.

> It's a matter of the attack surface: the 'sum of the different points
> (the "attack vectors") where an unauthorized user (the "attacker") can
> try to enter.' [Wikipedia]

In all of the scenarios we've been talking about, the attack has
already _succeeded_; there is no longer any relevant attack surface
left.[2]
    Mirek

[1] It might matter for troubleshooting.
[2] Possible privilege escalations attacks to get root's or other
user's permissions are irrelevant to our discussion.


More information about the devel mailing list