path for user www
Mel Flynn
mel.flynn+fbsd.questions at mailing.thruhere.net
Mon Jun 15 17:56:45 UTC 2009
On Monday 15 June 2009 06:29:13 Paul Schmehl wrote:
> Why would you want to? You'd open yourself up to all sorts of potential
> compromise paths. There's a reason why root's path is different from
> normal users.
Without forcing a PATH for apache, you open yourself up to exactly the things
you're warning for, when you restart apache in multi-user. When using sudo
apache would actually have the PATH of your normal user.
Also, PATH for root is _not_ noticably different from normal users in a
vanilla install. Only the path during rc(8) stage is sanitized, which is why
you see a different path after reboot.
Ideally, the apache port would install a path.env.default in the envvars.d
directory and mention it's usage in pkg-message.
--
Mel
More information about the freebsd-questions
mailing list