Timeline for Is it secure to use the following kinds of pathnames in `$PATH`?
Current License: CC BY-SA 4.0
11 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Jun 8, 2018 at 3:24 | vote | accept | Tim | ||
| Jun 7, 2018 at 20:56 | comment | added | Tim | I have some question understanding "The tilde inside a PATH string is not understood. This is why the POSIX standard requires to expand tilde sequences after a colon in the command line when a shell macro is assigned." unix.stackexchange.com/questions/448521/… | |
| Jun 7, 2018 at 20:45 | history | edited | heemayl | CC BY-SA 4.0 | deleted 1 character in body |
| Jun 7, 2018 at 20:23 | comment | added | Chris Davies | @Reid mine is grpe | |
| Jun 7, 2018 at 19:53 | comment | added | Tim | "these tilde characters are expanded before the command is executed." So does it matter whether I use tilde or filename expansions in $PATH? | |
| Jun 7, 2018 at 19:32 | comment | added | Reid | . is insecure no matter where in PATH it appears. People make typos all the time. The classic example is a malicious executable in /tmp called sl. | |
| Jun 7, 2018 at 18:14 | history | edited | schily | CC BY-SA 4.0 | dot enhanced |
| Jun 7, 2018 at 18:07 | comment | added | Tim | Thanks. "If there is an empty element in PATH this refers to '.'" Does this happen only in $PATH or everywhere? | |
| Jun 7, 2018 at 16:56 | history | edited | schily | CC BY-SA 4.0 | enhance related to enhanced question |
| Jun 7, 2018 at 16:52 | comment | added | Kusalananda♦ | Related to the first point: unix.stackexchange.com/questions/65700/… | |
| Jun 7, 2018 at 16:50 | history | answered | schily | CC BY-SA 4.0 |