$HOME/.local/bin in $PATH

Christopher ctubbsii at apache.org
Fri Nov 1 22:54:37 UTC 2013


On Fri, Nov 1, 2013 at 5:38 AM, drago01 <drago01 at gmail.com> wrote:
> On Fri, Nov 1, 2013 at 10:26 AM, Andrew Haley <aph at redhat.com> wrote:
>> On 10/30/2013 10:27 AM, Alec Leamas wrote:
>>> On 2013-10-30 11:23, Reindl Harald wrote:
>>>> On 30.10.2013 11:20, Alec Leamas wrote:
>>>>> On 2013-10-30 10:58, Reindl Harald wrote:
>>>>>> On 30.10.2013 10:53, Alec Leamas wrote:
>>>>>>> Some kind of reference for the bad in having a well-known, hidden directory in the path?
>>>>>> the *writeable for the user* is the problem
>>>>> Any reference for this problem?
>>>> what about considering the implications?
>>>> do you really need a written reference for any security-relevant fact?
>>>> I can write one for you if you prefer links :-)
>>>>
>>> Well, the question is really whether someone else out there shares your
>>> concerns about this.
>>
>> Why does it matter?  A hidden directory in everyone's path is obviously
>> useful to an attacker, and (IMO) more useful to an attacker than to a user.
>
> The attacker needs to be able to write to your home directory to take
> advantage of it.
> And if he can do that (you've lost) he has numerous other ways of doing it.

You seem to be saying that attackers don't make decisions based on the
probability of getting caught, or based on the level of visibility
their actions might incur. There's a reason why muggers tend to mug at
night, thieves are more likely to sneak in an unlocked door than break
a window, and malware renames files to look innocuous: the less
visible they are, the better they are able to avoid getting caught and
continue to exploit.

Now, we could argue that ~/.local/bin is *just as* visible as ~/bin,
because they are both on the PATH, but please don't argue that, because
attackers have choices, all choices are equivalent. The former is
debatable (and can probably be measured with a simple user survey,
rather than speculated about), but the latter is simply not true.

--
Christopher L Tubbs II
http://gravatar.com/ctubbsii
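The thread's concern is a hidden, user-writable directory early in PATH: an attacker who can drop a file there can shadow a system command without touching anything root-owned. The following audit script is an added example, not part of the original thread or of Fedora's PATH handling. It walks a PATH value, flags entries that are the current directory, hidden (a component beginning with a dot) or writable by the current user, and lists executables in those entries that shadow a same-named executable found later in PATH. The directory layout built by make_demo_path (a trojan `ls` in a `.local/bin`-style directory next to a read-only `usr/bin` stand-in) is constructed for the demonstration; call audit_path "$PATH" to check a real shell.

```shell
#!/bin/sh
# Added example (not from the original thread): audit a PATH value for entries
# an attacker would like, and report what they shadow.

# Print the flags that make one PATH entry interesting to an attacker:
# "cwd" (empty entry or "."), "hidden" (a component starting with '.'),
# "writable" (by the user running this script). Prints nothing if none apply.
entry_flags() {
    dir=$1
    flags=""
    case "$dir" in
        ""|.)       flags="cwd"; dir=$(pwd) ;;
        */.*|.*)    flags="hidden" ;;
    esac
    if [ -d "$dir" ] && [ -w "$dir" ]; then
        flags="${flags:+$flags,}writable"
    fi
    printf '%s' "$flags"
}

# Given a directory and the colon-separated PATH entries that follow it, print
# the names of executables in the directory that also exist as executables in
# one of the later entries (i.e. the names this directory shadows).
shadowed_names() {
    dir=$1; later_entries=$2
    [ -d "$dir" ] || return 0
    for f in "$dir"/*; do
        [ -f "$f" ] && [ -x "$f" ] || continue
        name=${f##*/}
        old_ifs=$IFS; IFS=:
        for later in $later_entries; do
            [ -n "$later" ] || later=.          # empty entry means cwd
            if [ -f "$later/$name" ] && [ -x "$later/$name" ]; then
                printf '%s\n' "$name"
                break
            fi
        done
        IFS=$old_ifs
    done
}

# Walk a PATH value left to right. For each entry that is the cwd, hidden or
# writable, print "<flags> <entry> shadows: <names|(none)>". A trailing colon
# (an empty final entry, i.e. cwd) is handled like any other entry.
audit_path() {
    rest=$1
    while :; do
        case "$rest" in
            *:*) entry=${rest%%:*}; rest=${rest#*:}; more=1 ;;
            *)   entry=$rest; rest=""; more=0 ;;
        esac
        flags=$(entry_flags "$entry")
        if [ -n "$flags" ]; then
            shadows=$(shadowed_names "$entry" "$rest" | tr '\n' ' ')
            shadows=${shadows% }
            [ -n "$shadows" ] || shadows="(none)"
            printf '%s %s shadows: %s\n' "$flags" "$entry" "$shadows"
        fi
        [ "$more" = 1 ] || break
    done
}

# Constructed demo layout (assumption for this example): a hidden, user-writable
# home/.local/bin holding a lookalike 'ls' in front of a read-only usr/bin
# stand-in that holds the "real" ls and cat. Prints the PATH value to audit.
make_demo_path() {
    base=$(mktemp -d)
    mkdir -p "$base/home/.local/bin" "$base/usr/bin"
    printf '#!/bin/sh\nexec /bin/ls "$@"\n' > "$base/home/.local/bin/ls"  # trojan wrapper
    : > "$base/usr/bin/ls"; : > "$base/usr/bin/cat"                        # system stand-ins
    chmod 755 "$base/home/.local/bin/ls" "$base/usr/bin/ls" "$base/usr/bin/cat"
    chmod 555 "$base/usr/bin"   # system directory: not writable by an ordinary user
    printf '%s:%s\n' "$base/home/.local/bin" "$base/usr/bin"
}

# Usage: audit the calling shell's PATH, then the constructed demo layout.
audit_path "$PATH"
audit_path "$(make_demo_path)"
```

On the demo layout the second call prints one finding, "hidden,writable <base>/home/.local/bin shadows: ls", and nothing for the read-only usr/bin stand-in (run as root, which can write anywhere, that directory is flagged "writable" as well, which is the correct answer for root). Note that `-w` is evaluated for whoever runs the script, so run it as the user whose PATH is being audited, not via sudo.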

