Hi! Actually I fail to see the security impact of this. If a user creates the bin directory themself and put stuff in there themself then it's on their own intention, not? I really fail to see the security part of the issue. Actually it makes sense to have ~/bin first in PATH to be able to override system tools intentionally.
I highly doubt that this will be changed on dubious reasoning and actually wonder why it was forwarded to Debian. To be honest, if a malicious person is able to put an ls program into ~/bin of a user they are also able to change their ~/.profile and put ~/bin first in PATH again, so it gets no additional security, at all. Thanks, Rhonda -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/684393 Title: $PATH discrepency when ~/bin exists -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
