BLU Discuss list archive
[Discuss] Program path maintenance and security (was Re: Debian 12 vs. WSL 1)
- Subject: [Discuss] Program path maintenance and security (was Re: Debian 12 vs. WSL 1)
- From: richard.pieri at gmail.com (Rich Pieri)
- Date: Thu, 22 Jun 2023 17:26:59 -0400
- In-reply-to: <20230622200719.GN24375@bladeshadow.org>
- References: <20230621163508.GJ24375@bladeshadow.org> <CAJFsZ=ozzcstj4NMy5Mzsbuzmxhd6bkFBMwte-QMQm9dYDj9sQ@mail.gmail.com> <20230621232655.jkt5rsxybsofpy7x@randomstring.org> <20230621194331.00005d05.Richard.Pieri@gmail.com> <20230622200719.GN24375@bladeshadow.org>
On Thu, 22 Jun 2023 15:07:19 -0500 Derek Martin <invalid at pizzashack.org> wrote:

> 1. As I indicated in the other message, if the program is intended to
>    run exclusively in the security context of the user running it, and
>    does not at any point require elevated privileges (which needs to
>    be evaluated carefully), then using /usr/bin/env is PROBABLY fine,
>    particularly if you wrote it and know what it does.

You list three "ifs" around using env. Explicit path to /usr/bin/perl or whatever has zero "ifs". I leave it to the reader to decide which is more reliable and secure, and preferable for their environments.

> BUT: the onus is on the user running the perl script to make sure

I correct myself: four "ifs".

--
\m/ (--) \m/
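
Added example, not part of the original message or thread: a shell audit sketch for the trade-off discussed above. It reports whether a script uses an env-style or an absolute-path shebang and, for the env case, which interpreter a given PATH selects and which entries searched on the way are empty, relative, or group/world-writable. The function names and output labels are this example's own.

```shell
#!/bin/sh
# Added example, not code from the thread; function names are this example's own.
# classify_shebang FILE -> prints "env NAME", "absolute PATH", or "none"
classify_shebang() {
    cs_first=
    IFS= read -r cs_first < "$1" || [ -n "$cs_first" ] || { echo none; return 0; }
    case $cs_first in
        '#!'*) ;;
        *) echo none; return 0 ;;
    esac
    # Split e.g. "#!/usr/bin/env -S perl -w" into words without globbing.
    set -f; set -- ${cs_first#'#!'}; set +f
    case ${1##*/} in
        env)
            shift
            # Skip simple env options (-S, -i) and VAR=value assignments.
            while [ $# -gt 0 ]; do
                case $1 in -*|*=*) shift ;; *) break ;; esac
            done
            echo "env ${1:-}" ;;
        *) echo "absolute ${1:-}" ;;
    esac
}

# resolve_in_path NAME PATHSTRING: walk PATHSTRING in order, as env's lookup does.
# Prints "RISKY DIR REASON" per hazardous entry searched, then RESOLVED/UNRESOLVED.
resolve_in_path() {
    rp_name=$1 rp_path=$2: rp_ifs=$IFS
    IFS=:; set -f; set -- $rp_path; set +f; IFS=$rp_ifs
    for rp_dir in "$@"; do
        case $rp_dir in
            '') rp_dir=.; echo "RISKY . empty entry means current directory" ;;
            /*) if [ -n "$(find -H "$rp_dir" -prune \( -perm -0002 -o -perm -0020 \) 2>/dev/null)" ]; then
                    echo "RISKY $rp_dir group- or world-writable"
                fi ;;
            *)  echo "RISKY $rp_dir relative entry" ;;
        esac
        if [ -f "$rp_dir/$rp_name" ] && [ -x "$rp_dir/$rp_name" ]; then
            echo "RESOLVED $rp_dir/$rp_name"; return 0
        fi
    done
    echo UNRESOLVED
}
# With arguments, audit each named script against the caller's current PATH.
for f in "$@"; do
    kind=$(classify_shebang "$f")
    echo "$f: $kind"
    case $kind in env\ ?*) resolve_in_path "${kind#env }" "$PATH" ;; esac
done
```

Run it with script names as arguments to audit them against the current PATH; env options that take a separate argument (such as -u NAME) are not parsed.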