If someone was able to access the box, create ~/bin and then drop a malicious script in there, then what would stop them from editing files that the user owns? Nothing.
It seems it's something specific to Debian, as a CentOS 5.5 box I have doesn't have anything like that in .bashrc. I can understand the convenience factor, if you place a different executable there, since it's first in $PATH, but if you are doing that, why not just edit $PATH manually? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/684393 Title: $PATH discrepency when ~/bin exists -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs