From: Peter Stephenson <pws@csr.com>
To: zsh-workers@sunsite.dk
Subject: Re: functions/Completion/Linux/_modutils
Date: Fri, 16 May 2008 10:26:42 +0100 [thread overview]
Message-ID: <20080516102642.5631d529@news01> (raw)
In-Reply-To: <200805151700.m4FH0Z30019508@news01.csr.com>
On Thu, 15 May 2008 18:00:35 +0100
Peter Stephenson <pws@csr.com> wrote:
> "Bart Schaefer" wrote:
> > On Thu, May 15, 2008 at 5:16 AM, Clint Adams <schizo@debian.org> wrote:
> > >
> > > zstyle ':completion:*:sudo:*' command-path /usr/local/sbin /usr/local/bin \
> > > /usr/sbin /usr/bin /sbin /bin /usr/X11R6/bin
> >
> > OK, so maybe the right thing is to ignore my patch and have _sudo grab
> > the value of *that* style and export it.
>
> Sounds pretty sensible, but we definitely want to document that this
> happens for security reasons.
Thinking more, security surely isn't an issue after all. Nothing is
actually being run here as superuser, and you're only using the
command-path (as the current user) that the current user has explicitly
told you it's OK to use. So there's no more problem with Trojans than with
any other use of paths by the shell.
--
Peter Stephenson <pws@csr.com> Software Engineer
CSR PLC, Churchill House, Cambridge Business Park, Cowley Road
Cambridge, CB4 0WZ, UK Tel: +44 (0)1223 692070
prev parent reply other threads:[~2008-05-16 9:27 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-05-13 16:19 functions/Completion/Linux/_modutils sergio
2008-05-14 3:17 ` functions/Completion/Linux/_modutils Bart Schaefer
2008-05-14 14:16 ` functions/Completion/Linux/_modutils sergio
2008-05-14 15:18 ` functions/Completion/Linux/_modutils Peter Stephenson
2008-05-14 15:56 ` functions/Completion/Linux/_modutils sergio
2008-05-14 15:55 ` functions/Completion/Linux/_modutils Bart Schaefer
2008-05-14 16:19 ` functions/Completion/Linux/_modutils sergio
2008-05-14 16:40 ` functions/Completion/Linux/_modutils Bart Schaefer
2008-05-15 12:16 ` functions/Completion/Linux/_modutils Clint Adams
2008-05-15 16:58 ` functions/Completion/Linux/_modutils Bart Schaefer
2008-05-15 17:00 ` functions/Completion/Linux/_modutils Peter Stephenson
2008-05-16 9:26 ` Peter Stephenson [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080516102642.5631d529@news01 \
--to=pws@csr.com \
--cc=zsh-workers@sunsite.dk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/zsh/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).