Re: Secure $PATH for regular user
- From: Nico <nkadel@xxxxxxxxx>
- Date: Tue, 30 Oct 2007 06:17:14 -0700
On 29 Oct, 10:37, Dmitry <dim...@xxxxxxxxx> wrote:
Hi,
I remember, but can not find it, that for non root user it's advised
not include /sbin and /usr/sbin in $PATH. Is it right?
If yes, I'll be glad to find a reference to security audit indicating
it, as a proof to my manager :)
Under most Linux systems I've seen, there's a widget in /etc/profile
that *provides* /sbin and /usr/sbin for the root user, and does not do
so for non-root users. This is irritating if you use sudo to run
things as root, since programs from the sbin directories are not in
the PATH as expected.
Now, the "." and the "~/bin" directories, *those* do not belong in the
default PATH.
.
- Follow-Ups:
- Re: Secure $PATH for regular user
- From: Moe Trin
- Re: Secure $PATH for regular user
- From: Bill Marcum
- Re: Secure $PATH for regular user
- From: Chris Cox
- Re: Secure $PATH for regular user
- References:
- Secure $PATH for regular user
- From: Dmitry
- Secure $PATH for regular user
- Prev by Date: Re: Secure $PATH for regular user
- Next by Date: Re: Secure $PATH for regular user
- Previous by thread: Re: Secure $PATH for regular user
- Next by thread: Re: Secure $PATH for regular user
- Index(es):
Relevant Pages
|
