On Mon, Jul 13, 2009 at 10:48:35PM +0100, Richard W.M. Jones wrote: > The same application could overwrite .bash_profile too. Or it would > be very contrived to imagine a security hole that lets you create > ~/bin and place an arbitrary binary into ~/bin/bash, but doesn't let > you overwrite .bash_profile. So I don't think this is a security > concern at all in the real world. Realistically, the concern is more likely to be binaries accidently causing subtle breakage by colliding with the expected behaviour of system utilities. -- Matthew Garrett | mjg59@xxxxxxxxxxxxx -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
