On Wed, May 2, 2018 at 6:24 AM Tomas Orsava <tors...@redhat.com> wrote:
> Hi! > I'd like to propose putting the ~/.local/bin in front of the /usr/bin on > the PATH. > > Currently /usr/bin has priority over ~/.local/bin, which causes a [bug] > where the old system-installed executable written in Python (from > /usr/bin) is launched, but it finds new Python sources (installed into > $HOME) which it doesn't work with and crashes. > > [bug] https://bugzilla.redhat.com/show_bug.cgi?id=1571650 > > I believe the current configuration breaks the intuitive expectation > that things installed closer to the user should take priority. That's > for example how it works with Python. > Interestingly, ubuntu and opensuse do not have ~/.local/bin on their > PATH (though Ubuntu has ~/bin) so we can't take guidance there. > > Does anyone see a reason not to prioritize ~/.local/bin over /usr/bin? > > Yes, if a user's account is compromised (or any service running as them), it's REALLY easy to drop faked tools into a user-private directory and override critical system tools (like replacing 'bash' with a keylogger).
_______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
