lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Thu, 16 Apr 2020 11:38:40 +0200
From:   Lukas Czerner <lczerner@...hat.com>
To:     "Theodore Y. Ts'o" <tytso@....edu>
Cc:     linux-ext4@...r.kernel.org
Subject: Re: [PATCH] e2scrub: Remove PATH setting from the scripts

On Fri, Apr 10, 2020 at 12:16:35PM -0400, Theodore Y. Ts'o wrote:
> On Thu, Apr 02, 2020 at 03:47:16PM +0200, Lukas Czerner wrote:
> > We don't want to override system setting by changing the PATH. This
> > should remain under administrator/user control.
> > 
> > Signed-off-by: Lukas Czerner <lczerner@...hat.com>
> 
> The reason why the PATH was added is because most users don't have
> /sbin or /usr/sbin in their PATH, and if they run "sudo e2scrub",
> finding commands like lvcreate, lvremove, et. al., wouldn't be there.

I don't understand, e2scrub should be in be in sbin as well, right ?
Besides what if such user wants to run lvcreate, or lvremove ? This
seems like a problem that should be fixed somewhere else.

> 
> I suppose we could do something like
> 
> PATH=$PATH:/sbin:/usr/sbin

that's better than replacing it.

-Lukas

> 
> instead, but otherwise, users will see some unexpected failures.
> 
> 	     		      	       	    	       - Ted
> 

Powered by blists - more mailing lists