Re: sh(1) and ksh(1) default PATH

To: David Holland <dholland-tech%netbsd.org@localhost>
Subject: Re: sh(1) and ksh(1) default PATH
From: tlaronde%polynum.com@localhost
Date: Tue, 16 Aug 2022 08:59:13 +0200

Le Tue, Aug 16, 2022 at 02:14:29AM +0000, David Holland a écrit :
> On Mon, Aug 15, 2022 at 08:28:28AM +0200, tlaronde%polynum.com@localhost wrote:
>  > > (If there are no bins with duplicate names, it doesn't matter. If
>  > > there are, it does. Argument 1: the point of installing something in
>  > > /usr/local or /usr/pkg that's also in base is to replace the version
>  > > in base, not for it to be inaccessible to ordinary use. Argument 2:
>  > > the stuff in base is canonical and it's wrong for random whatnot to
>  > > arbitrarily override it. I admit I don't fully understand argument 2
>  > > and I suspect it may partly be a leftover response dating from System
>  > > V installs with world-writable /usr/local.)
>  > 
>  > Argument 2.1: permissions on /usr/local may be relaxed and malicious
>  > software could more easily install devious utilities there to precisely
>  > override safer versions in base. So by default, base version should take
>  > precedence.
> 
> Except that if you do that you have deliberately misconfigured your
> system. I don't think there's any reason the default setup should
> cater to this kind of inherently unsafe environment.

But the argument "if something is modified, that"s the problem of the
user" can be reversed: NetBSD provides utilities whose
functionnalities it relies upon. So, by default, the system should use
its utilities, the ones it has been tested with and expects. So base
should always come first by default; user can modify this but in this
case, he is on is own. The system is provided without anything in
/usr/local/ so placing something in /usr/local is modifying the
system. So for the core to still function, it has to be designed to
ignore whatever is in /usr/local for its core functionnalities.
-- 
        Thierry Laronde <tlaronde +AT+ polynum +dot+ com>
                     http://www.kergis.com/
                    http://kertex.kergis.com/
                       http://www.sbfa.fr/
Key fingerprint = 0FF7 E906 FBAF FE95 FD89  250D 52B1 AE95 6006 F40C

Follow-Ups:
- Re: sh(1) and ksh(1) default PATH
  - From: David Holland

References:
- sh(1) and ksh(1) default PATH
  - From: nia
- Re: sh(1) and ksh(1) default PATH
  - From: David Holland
- Re: sh(1) and ksh(1) default PATH
  - From: tlaronde
- Re: sh(1) and ksh(1) default PATH
  - From: David Holland

Prev by Date: Re: sh(1) and ksh(1) default PATH
Next by Date: Relative interpreter pathname on #! line
Previous by Thread: Re: sh(1) and ksh(1) default PATH
Next by Thread: Re: sh(1) and ksh(1) default PATH
Indexes:

Home | Main Index | Thread Index | Old Index