On Mon, Sep 15, 2003 at 03:47:42PM +0100, Steve Kemp wrote: > On Mon, Sep 15, 2003 at 10:45:48AM -0400, Matt Zimmerman wrote: > > > > +#define COMPRESS "/bin/gzip" > > > +#define UNCOMPRESS "/bin/gunzip -c" > > > I've never been a proponent of hardcoding paths to programs. This will > > immediately make the program non-portable to basically any non-GNU type > > system, and doesn't provide any significant benefit (/bin is in PATH). > > I'm not terribly keen on it myself, but I do think that it's safer > than trusting a potentially malicious $PATH setting.
$PATH is almost always trusted; the exception is setuid programs which should sanitize PATH. xspringies is not setuid, is it? -- - mdz
