Ubuntu
bash package

~/.profile should append, rather than prepend $HOME/bin

Bug #242479 reported by Dustin Kirkland  on 2008-06-23

4

Affects		Status	Importance	Assigned to	Milestone
	bash (Ubuntu)	Invalid	Low	Dustin Kirkland 

Bug Description

Binary package hint: bash

Currently, skel.profile prepends $HOME/bin to PATH.

Although some people may prefer $HOME/bin on the front of $PATH so as to override various system binaries, this is not a good idea in if we're going to follow a secure-default philosophy. The ability to override something like "ls" with "~/bin/ls" could really wreak havoc on a user's experience. There are certainly other ways for a malicious user/process to accomplish this (with, say "alias", or "export PATH=...."), but few are more trivial than simply putting an executable in ~/bin.

It is arguably slightly more secure, but definitely more conservative to instead *append* ~/bin onto PATH. By default, this would give users access to their own local programs without overriding any system programs.

In the event that a more knowledgeable user wants to consciously override system programs with their own in ~/bin, it is trivial for such users to edit their own ~/.profile (or other shell mechanisms) for modifying the PATH. We are simply trying to avoid making this the default behavior.

:-Dustin

Revision history for this message

Dustin Kirkland  (kirkland) wrote on 2008-06-23:

#1

I'm working on a patch. Assigning to myself, low proirity.

:-Dustin

Changed in bash:
assignee:	nobody → kirkland
importance:	Undecided → Low
status:	New → In Progress

Revision history for this message

Dustin Kirkland  (kirkland) wrote on 2008-06-23:

#2

This bug is loosely related to:
* https://bugs.edge.launchpad.net/ubuntu/+source/pam/+bug/64064

In that that patch introduced the idea of appending ~/bin to /etc/environment. This bug/patch will make the two in sync for the sake of consistency.

:-Dustin

Revision history for this message

Dustin Kirkland  (kirkland) wrote on 2008-06-23:

#3

bash.242479.debdiff Edit (1.5 KiB, text/plain)

Patch attached. Looking for sponsorship. I think jdstrand is going to upload for me?

:-Dustin

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2008-06-23:

#4

I'll upload at start of my workday tomorrow.

Revision history for this message

Colin Watson (cjwatson) wrote on 2008-06-23:

#5

At the risk of being overly blunt, guys, this is seriously crazy. There is no security relevance here. This is far more trouble than it's possibly worth. Please don't waste time on this!

Revision history for this message

Colin Watson (cjwatson) wrote on 2008-06-23:

#6

Also, this will break user expectations on new installations for those users who expect to be able to override system programs. This is the sort of thing people hate distros messing around with on a whim. Just leave it be, and then it's consistent, there's no problem, and nobody has to adjust their practices.

Revision history for this message

Dustin Kirkland  (kirkland) wrote on 2008-06-23:

#7

Marking invalid. Yielding to cjwatson's insightful comments about breaking user experiences. I don't want to do that.

:-Dustin

Changed in bash:
status:	In Progress → Invalid

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Patches

bash.242479.debdiff Edit

Add patch

Remote bug watches

Bug watches keep track of this bug in other bug trackers.