From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-1.0 required=5.0 tests=DKIM_ADSP_CUSTOM_MED, FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from primenet.com.au (ns1.primenet.com.au [203.24.36.2]) by inbox.vuxu.org (OpenSMTPD) with ESMTP id 048a7b9b for ; Tue, 17 Dec 2019 13:36:36 +0000 (UTC) Received: (qmail 7726 invoked by alias); 17 Dec 2019 13:36:29 -0000 Mailing-List: contact zsh-users-help@zsh.org; run by ezmlm Precedence: bulk X-No-Archive: yes List-Id: Zsh Users List List-Post: List-Help: List-Unsubscribe: X-Seq: 24571 Received: (qmail 21477 invoked by uid 1010); 17 Dec 2019 13:36:29 -0000 X-Qmail-Scanner-Diagnostics: from mail-wr1-f45.google.com by f.primenet.com.au (envelope-from , uid 7791) with qmail-scanner-2.11 (clamdscan: 0.102.1/25663. spamassassin: 3.4.2. Clear:RC:0(209.85.221.45):SA:0(-2.0/5.0):. Processed in 0.848663 secs); 17 Dec 2019 13:36:29 -0000 X-Envelope-From: andrew.j.c.parker@gmail.com X-Qmail-Scanner-Mime-Attachments: | X-Qmail-Scanner-Zip-Files: | Received-SPF: pass (ns1.primenet.com.au: SPF record at _netblocks.google.com designates 209.85.221.45 as permitted sender) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=gmLiAw9J4KgqWB/ysQhUdQJxaFZsTeBWNgdr+5mG2Rs=; b=L6fUEYAT4IARqu3+VVx0SJ/ee8wPc4rG8RsJg9h+qDVlWXQcWe9nFaLigmmEdHdyET ttsqBg7mjGQb5VgDtyXo+2HjNPsLDzXflLkPB92h4ygtJleiJcGAeniJKv4/LSWq9Mlb ZrTu5BVG671c7MCOEoVFbx/8iJjHRsUFsHVCgiFkw5I9cwfNvmsMjOKp5PiZ+/eUu+OQ q8g5OH/IHoc1VpeCbyM8r6zmyfqYOel1rMIBVNMu8tDhxEuck46f0F8ajCv+jofGb+0p MU/hb7pbrWb0ZWEiOvVP7inL9gn7FltmNitbbgXCyil3xF9mLlDUqvjzfPvvLqpsPvZc vUEw== X-Gm-Message-State: APjAAAUnSFIZen0+1FlGQUJ96KwN3agEVOAOunr6TELQQ8YryT7tjJyi m/gKN9VZ3OsYqR+o22nZhnF59fe8pDiKfKn/CzUJEMA6 X-Google-Smtp-Source: APXvYqxtZLRfyP2VgY02mi5qOb6Bet4zNpwsERxWhEaNPI2+cc27WerutKxJ+bMJ+tzkzOwoGvXxiccMxXJ3BR/g+64= X-Received: by 2002:a5d:6144:: with SMTP id y4mr37003711wrt.15.1576589755163; Tue, 17 Dec 2019 05:35:55 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Andrew Parker Date: Tue, 17 Dec 2019 21:35:43 +0800 Message-ID: Subject: Re: Thoughts on protecting against PATH interception via user owned profiles To: Roman Perepelitsa Cc: Zsh Users Content-Type: multipart/alternative; boundary="000000000000502abd0599e668f6" --000000000000502abd0599e668f6 Content-Type: text/plain; charset="UTF-8" Thanks. Info well received! Terminal on macOS starts a login shell for each tab btw. On Sun, Dec 15, 2019 at 10:43 PM Roman Perepelitsa < roman.perepelitsa@gmail.com> wrote: > On Sun, Dec 15, 2019 at 3:31 PM Andrew Parker > wrote: > > > > Oh man. Back at keyboard now. I see this is nothing zsh specific. The > solution was right in front of me all the time. Just exit 1 from > /etc/profile will work in bash. > > Note that /etc/profile is sourced by bash only when starting a login > shell. It's not sourced when connecting over SSH, when running > non-interactively or when starting an interactive shell without > `--login`. Many (most? all?) graphical terminals start non-interactive > shell when opening a new tab. > > All zsh processes start by sourcing /etc/zshenv (the actual location > is hard-coded in the binary and can be overridden when building zsh) > but there is no equivalent file for bash. > > I don't know if this makes any difference to your defense strategy but > thought it might be worth mentioning. > > Roman. > --000000000000502abd0599e668f6--