Date: Fri, 27 Oct 2017 02:20:19 +0200
From: Polytropon <freebsd@edvax.de>
To: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org>
Cc: freebsd-questions@freebsd.org
Subject: Re: A request to segregate man pages for shell built-ins
Message-ID: <20171027022019.23057efb.freebsd@edvax.de>
In-Reply-To: <44r2tpmr0d.fsf@lowell-desk.lan>
References: <mailman.113.1509019202.90583.freebsd-questions@freebsd.org> <20171027021115.A40402@sola.nimnet.asn.au> <20171026214620.bf8fcbf2.freebsd@edvax.de> <44r2tpmr0d.fsf@lowell-desk.lan>

On Thu, 26 Oct 2017 19:24:50 -0400, Lowell Gilbert wrote:
> Polytropon <freebsd@edvax.de> writes:
>
> > Yes, this is true as long as the script uses [ or test. Some do
> > explicitly call /bin/test. I'm almost sure this isn't true anymore
> > on today's modern FreeBSD, but older UNIX scripts occasionally
> > were constructed in such a way that they called the binaries
> > explicitly with the full path. Maybe this has been some portability
> > issue.
>
> It's more of a security issue. If you call it with the full path,
> you know, absolutely, which flavor of the command will be used.

Or a specific environment issue, where $PATH couldn't be predicted,
so an explicit call was needed (e. g., /usr/local/bin/lpr vs.
/usr/bin/lpr).

Of course security is added, for example when there is a "fake
binary" placed in a directory like ~/bin which is listed in $PATH
_before_ the system directory, and such a "fake binary" mimics a
command often used, like cp, rm, grep, and what you usually find
in scripts, and does something that might be problematic -
unnoticed...

-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
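
The lookup-order risk discussed in the message above, as an added example that is not part of the original e-mail: a POSIX sh check that reports which directory a $PATH search would pick for a command and flags any hit outside the system directories. The TRUSTED_DIRS list and the function names are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not from the original message): find commands whose first
# $PATH hit lies outside the system directories, where a look-alike would win.

# Assumption: the directories treated as system-owned; adjust per host.
TRUSTED_DIRS=${TRUSTED_DIRS:-/bin:/sbin:/usr/bin:/usr/sbin}

# first_hit CMD PATHVALUE: print the directory a PATH search would pick for CMD.
# The body is a subshell so the IFS and noglob changes stay local.
first_hit() (
    IFS=:
    set -f
    for dir in $2; do
        [ -n "$dir" ] || dir=.      # an empty PATH element means the cwd
        if [ -f "$dir/$1" ] && [ -x "$dir/$1" ]; then
            printf '%s\n' "$dir"
            return 0
        fi
    done
    return 1
)

# is_trusted DIR: succeed when DIR is one of TRUSTED_DIRS.
is_trusted() {
    case ":$TRUSTED_DIRS:" in
        *":$1:"*) return 0 ;;
        *) return 1 ;;
    esac
}

# audit_path PATHVALUE CMD...: print one line per command, return 1 if any
# command would resolve outside TRUSTED_DIRS (or not resolve at all).
audit_path() {
    pathval=$1 rc=0
    shift
    for cmd in "$@"; do
        if ! hit=$(first_hit "$cmd" "$pathval"); then
            echo "MISSING  $cmd"; rc=1
        elif is_trusted "$hit"; then
            echo "ok       $cmd -> $hit/$cmd"
        else
            echo "SHADOWED $cmd -> $hit/$cmd"; rc=1
        fi
    done
    return $rc
}

# Audit the commands named in the message against the current PATH.
audit_path "$PATH" cp rm grep || echo "review the lines flagged above"
```
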