Chris Snyder wrote:
This isn't as big of a deal with single-user systems, but it still is
a good way to make sure that users are aware that they're not
executing system-supplied software.
Au contraire! If some bad guy on the internet has managed to hack any
account sufficiently to install a file anywhere in your system, the same
thing can happen to you. They can become you, or if you're running with
root privs at the time they will own your machine. It's called
privilege leveraging or privilege elevation, and is automated by
scripts, so people out there that don't understand a thing can still use
it to screw with you. Please, never have . (the current directory) in
your PATH. For the same reason it's important to never set up your
system so that you can sudo without a password.
Thanks,
Patrick
_______________________________________________
lilypond-user mailing list
lilypond-user@gnu.org
http://lists.gnu.org/mailman/listinfo/lilypond-user
