From owner-freebsd-questions@FreeBSD.ORG  Mon Jun 15 17:56:45 2009
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 99BE7106564A
	for <freebsd-questions@freebsd.org>;
	Mon, 15 Jun 2009 17:56:45 +0000 (UTC)
	(envelope-from mel.flynn+fbsd.questions@mailing.thruhere.net)
Received: from mailhub.rachie.is-a-geek.net (rachie.is-a-geek.net
	[66.230.99.27]) by mx1.freebsd.org (Postfix) with ESMTP id 2BEBD8FC0A
	for <freebsd-questions@freebsd.org>;
	Mon, 15 Jun 2009 17:56:45 +0000 (UTC)
	(envelope-from mel.flynn+fbsd.questions@mailing.thruhere.net)
Received: from smoochies.rachie.is-a-geek.net (mailhub.rachie.is-a-geek.net
	[192.168.2.11])
	by mailhub.rachie.is-a-geek.net (Postfix) with ESMTP id 1188F7E837;
	Mon, 15 Jun 2009 09:56:44 -0800 (AKDT)
From: Mel Flynn <mel.flynn+fbsd.questions@mailing.thruhere.net>
To: freebsd-questions@freebsd.org
Date: Mon, 15 Jun 2009 09:56:42 -0800
User-Agent: KMail/1.11.4 (FreeBSD/8.0-CURRENT; KDE/4.2.4; i386; ; )
References: <alpine.BSF.2.00.0906151131390.34405@macos.cmi.ua.ac.be>
	<alpine.BSF.2.00.0906151404040.38025@macos.cmi.ua.ac.be>
	<2A832F905771652089DDC019@utd65257.utdallas.edu>
In-Reply-To: <2A832F905771652089DDC019@utd65257.utdallas.edu>
MIME-Version: 1.0
Content-Type: Text/Plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200906150956.43085.mel.flynn+fbsd.questions@mailing.thruhere.net>
Cc: Paul Schmehl <pschmehl_lists@tx.rr.com>,
	"Philip M. Gollucci" <pgollucci@freebsd.org>
Subject: Re: path for user www
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Jun 2009 17:56:45 -0000

On Monday 15 June 2009 06:29:13 Paul Schmehl wrote:

> Why would you want to?  You'd open yourself up to all sorts of potential
> compromise paths.  There's a reason why root's path is different from
> normal users.

Without forcing a PATH for apache, you open yourself up to exactly the things 
you're warning for, when you restart apache in multi-user. When using sudo 
apache would actually have the PATH of your normal user.
Also, PATH for root is _not_ noticably different from normal users in a 
vanilla install. Only the path during rc(8) stage is sanitized, which is why 
you see a different path after reboot.

Ideally, the apache port would install a path.env.default in the envvars.d 
directory and mention it's usage in pkg-message.
-- 
Mel