$HOME/.local/bin in $PATH

Christopher ctubbsii at apache.org
Sat Nov 2 11:30:58 UTC 2013 

On Sat, Nov 2, 2013 at 5:22 AM, drago01 <drago01 at gmail.com> wrote:
> On Fri, Nov 1, 2013 at 11:54 PM, Christopher <ctubbsii at apache.org> wrote:
>> On Fri, Nov 1, 2013 at 5:38 AM, drago01 <drago01 at gmail.com> wrote:
>>> On Fri, Nov 1, 2013 at 10:26 AM, Andrew Haley <aph at redhat.com> wrote:
>>>> On 10/30/2013 10:27 AM, Alec Leamas wrote:
>>>>> On 2013-10-30 11:23, Reindl Harald wrote:
>>>>>> Am 30.10.2013 11:20, schrieb Alec Leamas:
>>>>>>> On 2013-10-30 10:58, Reindl Harald wrote:
>>>>>>>> Am 30.10.2013 10:53, schrieb Alec Leamas:
>>>>>>>>> Some kind of reference for the bad in having a well-known, hidden directory in the path?
>>>>>>>> the *writeable for the user* is the problem
>>>>>>> Any reference for this problem?
>>>>>> what about consider the implications?
>>>>>> do you really need a written reference for any security relevant fact?
>>>>>> i can write one for you if you prefer links :-)
>>>>>>
>>>>> Well, the question is really if someone else out there share your
>>>>> concerns about this.
>>>>
>>>> Why does it matter?  A hidden directory in everyone's path is obviously
>>>> useful to an attacker, and (IMO) more useful to an attacker than to a user.
>>>
>>> The attacker needs to be able to write to your home directory to take
>>> advantage of it.
>>> And if he can do that (you lost) he has numerous other ways of doing it.
>>
>> You seem to be saying that attackers don't make decisions based on the
>> probability of getting caught, or based on the level of visibility
>> their actions might incur. There's a reason why muggers tend to mug at
>> night, thieves are more likely to sneak in an unlocked door than break
>> a window, and malware renames files to look innocuous: the less
>> visible, the more effective they are able to not get caught and
>> continue to exploit.
>>
>> Now, we could argue that ~/.local/bin is *just as* visible as ~/bin,
>> because they are both on the PATH,
>
> Sorry but I still don't by the visible argument. Do you really do
> check what is inside ~/bin
> before running every command? Even if you do that I do not need a
> survey to claim that a
> majority of user simply do not do that.

I do, actually... because I put stuff there, so I inspect its contents
periodically when I do. However, my claim above is not about me. I did
not claim that a majority of users behave like me. What I said was,
that you could probably measure, by survey, whether or not the two
directories on the path were equally visible to users. I can say that
the two are not equally visible *to me*, but I'm not going to claim
that they are equally visible to the average user, or even the average
security-conscious user. I *suspect* they aren't equally visible to
certain significant subsets of users, but since it is probably
measurable, I'm suggesting a means to find it out instead of
speculating based on my own behavior.

--
Christopher L Tubbs II
http://gravatar.com/ctubbsii

More information about the devel mailing list