From owner-freebsd-questions@freebsd.org Fri Oct 27 00:20:32 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 03864E569D1 for ; Fri, 27 Oct 2017 00:20:32 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mailrelay14.qsc.de (mailrelay14.qsc.de [212.99.163.154]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.antispameurope.com", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 6F4A96F4F9 for ; Fri, 27 Oct 2017 00:20:30 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mx01.qsc.de ([213.148.129.14]) by mailrelay14.qsc.de; Fri, 27 Oct 2017 02:20:20 +0200 Received: from r56.edvax.de (port-92-195-74-193.dynamic.qsc.de [92.195.74.193]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx01.qsc.de (Postfix) with ESMTPS id 1D9283CBF9; Fri, 27 Oct 2017 02:20:19 +0200 (CEST) Received: from r56.edvax.de (localhost [127.0.0.1]) by r56.edvax.de (8.14.5/8.14.5) with SMTP id v9R0KJ9x004116; Fri, 27 Oct 2017 02:20:19 +0200 (CEST) (envelope-from freebsd@edvax.de) Date: Fri, 27 Oct 2017 02:20:19 +0200 From: Polytropon To: Lowell Gilbert Cc: freebsd-questions@freebsd.org Subject: Re: A request to segregate man pages for shell built-ins Message-Id: <20171027022019.23057efb.freebsd@edvax.de> In-Reply-To: <44r2tpmr0d.fsf@lowell-desk.lan> References: <20171027021115.A40402@sola.nimnet.asn.au> <20171026214620.bf8fcbf2.freebsd@edvax.de> <44r2tpmr0d.fsf@lowell-desk.lan> Reply-To: Polytropon Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-cloud-security-sender: freebsd@edvax.de X-cloud-security-recipient: freebsd-questions@freebsd.org X-cloud-security-Virusscan: CLEAN X-cloud-security-disclaimer: This E-Mail was scanned by E-Mailservice on mailrelay14.qsc.de with 6E4156A3538 X-cloud-security-connect: mx01.qsc.de[213.148.129.14], TLS=1, IP=213.148.129.14 X-cloud-security: scantime:.1379 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Oct 2017 00:20:32 -0000 On Thu, 26 Oct 2017 19:24:50 -0400, Lowell Gilbert wrote: > Polytropon writes: > > > Yes, this is true as long as the script uses [ or test. Some do > > explicitely call /bin/test. I'm almost sure this isn't true anymore > > on today's modern FreeBSD, but older UNIX scripts occassionally > > were constructed in such a way that they called the binaries > > explicitely with the full path. Maybe this has been some portability > > issue. > > It's more of a security issue. If you call it with the full path, > you know, absolutely, which flavor of the command will be used. Or a specific environment issue, where $PATH couldn't be predicted, so an explicit call was needed (e. g., /usr/local/bin/lpr vs. /usr/bin/lpr). Of course security is added, for example when there is a "fake binary" placed in a directory like ~/bin which is listed in $PATH _before_ the system directory, and such a "fake binary" mimics a command often used, like cp, rm, grep, and what you usually find in scripts, and does something that might be problematic - unnoticed... -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...