drue at therub.org
Mon Feb 16 11:25:30 PST 2004
On Mon, Feb 16, 2004 at 06:27:52PM +0100, jan.muenther at nruns.com wrote:
> I just wanted to say quickly that I'd recommend *not* ever taking '.' into
> your path - when someone wants you to execute something and places it into a
> directory where both have write rights and names it like the binary you're
> supposed to call, it's going to get executed first.
There's a lot of things that you shouldn't do that people do every day.
To minimize risk, if you insist on having a '.' in your path, the most
important thing is to put it at the _end_ of your path. This way, when
you type a command, it will hopefully find the real command first. If
it's at the beginning of your path, and you're on a multi-user system,
you're just asking for trouble.
More information about the freebsd-questions