Yannick Le Saint (kyncani) y.lesaint at gmail.com
Sun Jul 17 20:22:48 UTC 2005

On Sun, 2005-07-17 at 20:56 +0100, Colin Watson wrote:
> Also note that such a malware script could simply fiddle with your shell
> startup files and make 'sudo', 'su', etc. be aliases to something
> different. Including ~/bin in $PATH opens no extra vulnerabilities and
> is an enormous convenience.

  And if something/someone can put/change files in ~/bin/, it can change
everything in your $HOME/, including $HOME/.bashrc (to control your
shell). At that point, worrying if ~/bin/ was in your PATH or not is

  So i agree with Colin, nothing to worry about putting ~/bin/ in your
path. And it's very convenient.

Yannick Le Saint (kyncani) <y.lesaint at gmail.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20050717/2aa35743/attachment.pgp>

More information about the ubuntu-users mailing list