Hi! Actually I fail to see the security impact of this. If a user creates the bin directory themself and put stuff in there themself then it's on their own intention, not? I really fail to see the security part of the issue. Actually it makes sense to have ~/bin first in PATH to be able to override system tools intentionally.
I highly doubt that this will be changed on dubious reasoning and actually wonder why it was forwarded to Debian. To be honest, if a malicious person is able to put an ls program into ~/bin of a user they are also able to change their ~/.profile and put ~/bin first in PATH again, so it gets no additional security, at all. Thanks, Rhonda -- You received this bug notification because you are a member of Registry Administrators, which is the registrant for Debian. https://bugs.launchpad.net/bugs/684393 Title: $PATH discrepency when ~/bin exists _______________________________________________ Mailing list: https://launchpad.net/~registry Post to : registry@lists.launchpad.net Unsubscribe : https://launchpad.net/~registry More help : https://help.launchpad.net/ListHelp
