>>>>> "慕冬" == 慕 冬亮 <mudonglianga...@hotmail.com> writes:
慕冬> User's command is usually stored in "/usr/local/bin". It should 慕冬> be placed before "/bin" in the $PATH. /usr/local is a directory hierarchy for binaries typical of the local installation and being, by default, owned by root, it is not a directory for user commands. Having ~/bin before /bin and /usr/bin (and /usr/local/bin) is of no harm at all if your account is safe enough. If and only if someone can log on with your account, she can put a malicious copy/wrapper of a system command (ls to name one) in your bin and you could trigger it thinking to use the system version. What *is* dangerous is having . before system directories, especially on multi-user machines. In this scenario, user A, who has . in the path before /bin, goes in a directory of user B and does an 'ls'. That directory contains an executable called ls that is smart enough to hide itself. But bastard enough to do something nasty, a Trojan horse. And user A just brought it within the walls... -- /\ ___ Ubuntu: ancient /___/\_|_|\_|__|___Gian Uberto Lauri_____ African word //--\| | \| | Integralista GNUslamico meaning "I can \/ coltivatore diretto di software not install già sistemista a tempo (altrui) perso... Debian" Warning: gnome-config-daemon considered more dangerous than GOTO