Till Maas wrote: > On Fri, Jun 22, 2018 at 07:24:54PM +0200, Björn Persson wrote: > > Till Maas wrote: > > > I do not see any reason why a user would put something in ~/bin that > > > would mask something in /usr/bin except to actually mask the binary. It > > > is the same with other user configuration, anyone expects ~/.ssh/config > > > to override /etc/ssh/ssh_config instead of the other way round. > > > > It could happen by accident. A user might put a program in ~/bin that > > happens to have the same name as one in /usr/bin that the user is > > unaware of, and it might break other programs which call that command > > without a full pathname. Editing ~/.ssh/config affects only SSH, and > > isn't likely to break something unrelated. > > > > That's one reason why I'm not convinced that this change is a good > > idea. It obviously has nothing to do with security though. It's a > > matter of safety, which is different from security. > > In your opinion, how does the user act nowadays when something in > /usr/bin masks their tool that they installed in ~/bin? I would assume > that they will change the path, since installing the tool there is what > they wanted.
If they intended to mask the system-installed tool, then they'll probably change PATH. If it was an accidental name collision, then I guess they'll change the filename of their own tool. If they expected that both versions would be usable in parallel, then they might discover that they need another solution such as absolute pathnames or environment modules. > Also a tool with a same name in /usr/bin might also > break another user's tool that expects the user version to be available > in the PATH. I do not see how this would be better. And it might also > happen with aliases or functions that users would configure in > ~/.bashrc. Yes. There is no order that is obviously best for all purposes. I know at least one well-designed programming language where, if two declarations have the same identifier but in different namespaces, and both of those namespaces are imported, then neither declaration masks the other. Instead they are both hidden so that the programmer has to specify the namespace, making the code unambiguous. An equivalent of this would be if the shell would look in all the directories that are listed in PATH, and reject the command as ambiguous if there are matching programs in more than one of those directories. The user would then have to type a pathname to specify which program they want. That would be safer, but less convenient – and of course an incompatible change. Björn Persson
pgpMtB4TynU0_.pgp
Description: OpenPGP digital signatur
_______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/V35UDPYTDNCDG6KYY262LL3WRXJEL2L4/
