On 2025-05-07 18:18:25 +0200, Simon Josefsson wrote: > Vincent Lefevre <vinc...@vinc17.net> writes: > > > On 2025-05-07 14:40:01 +0200, Simon Josefsson wrote: > >> I think a reasonable conservative system policy is PATH=/usr/bin and > >> anything beyond that is something the user or system administrator have > >> to add. I think we should give up on /usr/games and move those > >> executables to /usr/bin, renaming any binaries that conflict. > > > > I disagree. root should not have games in his path. This could also > > annoy non-root users. > > That is a good point. Hmm. There is a lot more in /usr/bin that I > wouldn't want root to have in PATH either, so I'm not sure I agree that > the /usr/games exception gives root sufficient protection. Given that > it is permissable to have naming conflicts as in /usr/bin/foo and > /usr/games/foo, I would prefer the situation where everything under > /usr/games was moved to /usr/bin and renamed on naming conflicts. Then > root doesn't have to consider the possibility that invoking 'foo' may > somehow end up running /usr/games/foo instead of /usr/bin/foo depending > on PATH confusion.
Note that this is not just for protection, but also for command completion. Having many executables makes completion less useful. Non-root users may currently drop /usr/games from their path. -- Vincent Lefèvre <vinc...@vinc17.net> - Web: <https://www.vinc17.net/> 100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/> Work: CR INRIA - computer arithmetic / Pascaline project (LIP, ENS-Lyon)
