The main reason I like to change path to (/bin .) is that when in a
remote directory (like /n/sources) having (. /bin) as path makes
running scripts *SLOW*.

And I really can't think of any reason why having . would be a good
idea, because after all if you call ls, 99.9% of the time you want
/bin/ls, and the remaining 0.1% it doesn't hurt to be explicit and run
./ls

But this has been discussed before, and 'the powers that be' didn't
agree, I only wish I could understand why, but that is probably my
fault.

uriel

On 10/27/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> Hello,
>
> Removing files is not worth doing.
> The victim will immediately find what happened and will recover his
> files and then will consider what made the trouble.
>
> I don't say (. /bin) is safe in an untrusted environment.
> Someone might steal my private info using some trick.
>
> Security is a tradeoff with convenience.
> I guess we (members of 9fans) are happy enough working in a trusted
> environment.
>
> Kenji Arisawa
>
> On 2007/10/27, at 18:03, roger peppe wrote:
>
> >>> 1) rc: the value of $path is (. /bin). It is a classic case not to
> >>> have . as the first directory when searching for programs - it
> >>> allows Trojan horses to form.
> >>
> >> if you're the only one using your system, how could this be a problem?
> >
> > to be fair, if i'd put a file in /n/sources/contrib/rog/ls:
> >
> > #!/bin/rc
> > rm -rf $home &
> > ls $* |* | grep -v ls
> >
> > then i'm sure there'd be one or two unhappy people around...
>
>

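An added example, not part of the thread: the search-order question above, written as a POSIX sh check that reports which file a command name resolves to under (. /bin) versus (/bin .) and flags the case where a current-directory entry shadows a system one. The function names and the scratch directory are hypothetical, and the first-match scan is modelled in sh rather than rc.

```shell
# Added example: function names and sample directories are hypothetical.
# first_hit NAME DIR...: print the file a search for NAME would run when
# DIRs are scanned in order, as rc does with $path and sh with $PATH.
first_hit() {
    name=$1; shift
    for dir in "$@"; do
        [ -n "$dir" ] || dir=.      # an empty entry also means "here"
        if [ -f "$dir/$name" ] && [ -x "$dir/$name" ]; then
            printf '%s\n' "$dir/$name"
            return 0
        fi
    done
    return 1
}

# relative_entries DIR...: list entries that depend on the current directory.
relative_entries() {
    for dir in "$@"; do
        case $dir in
            /*) ;;
            *)  printf '%s\n' "${dir:-.}" ;;
        esac
    done
}

# shadowed NAME DIR...: succeed when a relative entry wins the search for
# NAME although an absolute entry provides the same name.
shadowed() {
    name=$1; shift
    hit=$(first_hit "$name" "$@") || return 1
    case $hit in /*) return 1 ;; esac
    for dir in "$@"; do
        case $dir in /*) [ -x "$dir/$name" ] && return 0 ;; esac
    done
    return 1
}

# Constructed demo: a harmless stand-in named ls in a scratch directory.
demo() {
    scratch=$(mktemp -d) || return 1
    printf '#!/bin/sh\necho stand-in\n' > "$scratch/ls"
    chmod +x "$scratch/ls"
    ( cd "$scratch" || exit 1
      echo "(. /bin) runs $(first_hit ls . /bin)"
      echo "(/bin .) runs $(first_hit ls /bin .)" )
    rm -rf "$scratch"
}
demo
```

Running shadowed over the commands a script calls, from the directory it will run in, shows whether the search order changes what gets executed there.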