Having a Dot in Your Path

What’s wrong with having ‘.’ in your $PATH?

A bit of background: the PATH environment variable is a list of directories separated by colons. When you type a command name without giving an explicit path (e.g. you type “ls”, rather than “/bin/ls”) your shell searches each directory in the PATH list in order, looking for an executable file by that name, and the shell will run the first matching program it finds.

One of the directories in the PATH list can be the current directory “.”. It is also permissible to use an empty directory name in the PATH list to indicate the current directory. Both of these are equivalent for csh users:

    setenv PATH :/usr/ucb:/bin:/usr/bin
    setenv PATH .:/usr/ucb:/bin:/usr/bin

For sh or ksh users:

    PATH=:/usr/ucb:/bin:/usr/bin; export PATH
    PATH=.:/usr/ucb:/bin:/usr/bin; export PATH

Having “.” somewhere in the PATH is convenient - you can type “a.out” instead of “./a.out” to run programs in the current directory. But there’s a catch.

Consider what happens in the case where “.” is the first entry in the PATH. Suppose your current directory is a publicly writable one, such as “/tmp”. If there just happens to be a program named “/tmp/ls” left there by some other user, and you type “ls” (intending, of course, to run the normal “/bin/ls” program), your shell will instead run “./ls”, the other user’s program. Needless to say, the results of running an unknown program like this might surprise you.

It’s slightly better to have “.” at the end of the PATH:

    setenv PATH /usr/ucb:/bin:/usr/bin:.

Now if you’re in /tmp and you type “ls”, the shell will search /usr/ucb, /bin and /usr/bin for a program named “ls” before it gets around to looking in “.”, and there is less risk of inadvertently running some other user’s “ls” program. This isn’t 100% secure though - if you’re a clumsy typist and someday type “sl -l” instead of “ls -l”, you run the risk of running “./sl”, if there is one. Some “clever” programmer could anticipate common typing mistakes and leave programs by those names scattered throughout public directories. Beware.

Many seasoned UNIX users get by just fine without having “.” in the PATH at all:

    setenv PATH /usr/ucb:/bin:/usr/bin

If you do this, you’ll need to type “./program” instead of “program” to run programs in the current directory, but the increase in security is probably worth it.
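
To check a PATH for the entries described above, here is an added example (not part of the original page) in POSIX sh. It reports “.” and empty entries, and goes one step further by also reporting any other relative entry, since those depend on the current directory in the same way. The function names audit_path and clean_path and the labels SHADOWS and FALLBACK are names chosen for this example.

```shell
#!/bin/sh
# audit_path PATH_STRING
# Prints "<position> <severity> <entry>" for every entry that is searched
# relative to the current directory. Returns 1 if any was found, else 0.
audit_path() {
    rest="${1}:"    # extra colon terminates every entry, even a trailing empty one
    pos=0
    found=0
    while [ -n "$rest" ]; do
        entry=${rest%%:*}    # text before the first colon
        rest=${rest#*:}      # everything after it
        pos=$((pos + 1))
        case "$entry" in
            /*) continue ;;          # absolute directory, independent of cwd
            '') shown='(empty)' ;;   # empty entry means the current directory
            *)  shown=$entry ;;      # "." or any other relative entry
        esac
        # SHADOWS: an absolute directory is searched later, so a file here wins.
        # FALLBACK: only reached for names not found earlier (typos such as "sl").
        case ":$rest" in
            *:/*) sev=SHADOWS ;;
            *)    sev=FALLBACK ;;
        esac
        printf '%s %s %s\n' "$pos" "$sev" "$shown"
        found=1
    done
    return "$found"
}

# clean_path PATH_STRING: print the list with only absolute entries kept.
clean_path() {
    rest="${1}:"
    out=
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        case "$entry" in
            /*) out=${out:+$out:}$entry ;;
        esac
    done
    printf '%s\n' "$out"
}

# Constructed sample values, using the directories from the text above.
for sample in '.:/usr/ucb:/bin:/usr/bin' '/usr/ucb:/bin:/usr/bin:' '/usr/ucb:/bin:/usr/bin'; do
    echo "PATH=$sample"
    audit_path "$sample" || echo "  cleaned: $(clean_path "$sample")"
done
```

To check your own setting, run audit_path "$PATH"; the functions use plain global variables because POSIX sh has no “local”.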
