Bob Proulx wrote:
> I respectfully disagree. Strongly! :-) PATH is a configuration of
> the caller's environment. It isn't a good idea to change it just to
> override the caller's desired environment.
Sorry. Virtually every reference on secure shell programming would
disagree with you.
Chet
Chet Ramey wrote:
> Bob Proulx wrote:
> > It seems okay to leave PATH alone to me. Why set it at all?
> >
> > I don't see the security issue that you are concerned about. Could
> > you educate me?
>
> I suppose it's not a large security hole if $EDITOR is used, only
> when bashbug chooses $DEFE
On Jun 16, 9:38 pm, Chet Ramey wrote:
> Bob Proulx wrote:
> > It seems okay to leave PATH alone to me. Why set it at all?
I agree. If as a user I care to set my environment in some specific
way, I expect other programs to honour my settings.
If all my scripts were resetting PATH and hardcoding
Bob Proulx wrote:
> Chet Ramey wrote:
>> Villeneuve wrote:
>>
>>> Fix:
>>> Do not prepend system paths in front of PATH in the bashbug script.
>>> Instead, these default paths could be appended to PATH if necessary.
>> To do otherwise is a potential security hole.
>
> It seems okay to leav
Chet Ramey wrote:
> Villeneuve wrote:
>
> > Fix:
> > Do not prepend system paths in front of PATH in the bashbug script.
> > Instead, these default paths could be appended to PATH if necessary.
>
> To do otherwise is a potential security hole.
It seems okay to leave PATH alone to me. Wh
Villeneuve wrote:
> Fix:
> Do not prepend system paths in front of PATH in the bashbug script.
> Instead, these default paths could be appended to PATH if necessary.
To do otherwise is a potential security hole.
Chet
--
``The lyf so short, the craft so long to lerne.'' - Chaucer
C
