Article <vml2ho$30d8f$1@dont-email.me>

Deutsch English Français Italiano
<vml2ho$30d8f$1@dont-email.me>

View for Bookmarking (what is this?)
Look up another Usenet article
Path: ...!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!eternal-september.org!.POSTED!not-for-mail
From: Janis Papanagnou <janis_papanagnou+ng@hotmail.com>
Newsgroups: comp.unix.shell
Subject: Re: Default PATH setting - reduce to something more sensible?
Date: Mon, 20 Jan 2025 09:46:47 +0100
Organization: A noiseless patient Spider
Lines: 27
Message-ID: <vml2ho$30d8f$1@dont-email.me>
References: <vm5dei$2c7to$1@dont-email.me> <vm5qc7$ft9$1@reader2.panix.com>
 <vml04v$2ugq2$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Injection-Date: Mon, 20 Jan 2025 09:46:51 +0100 (CET)
Injection-Info: dont-email.me; posting-host="2a1daf17109c56a56668e6801b8c40f5";
	logging-data="3159311"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX1+XmmCxiMdwJgtX79eBBkJj"
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101
 Thunderbird/45.8.0
Cancel-Lock: sha1:Qu/hxbmURuBUu8hhyBUYMyoC1M4=
X-Enigmail-Draft-Status: N1110
In-Reply-To: <vml04v$2ugq2$1@dont-email.me>
Bytes: 2363

On 20.01.2025 09:05, Wayne wrote:
> On 1/14/2025 8:55 AM, Dan Cross wrote:
>> ... It seems to me that, as a normal user, the PATH
>>> (and with it the path-search) could be drastically reduced. Is there
>>> a method to only have them in the PATH when 'sudo'ing any programs
>>> that require root privileges and the privileged programs in 'sbin'?
>>
>> Yes, `sudo` can be configured to set $PATH for the programs that
>> it invokes; see sudoers(5) and look for `secure_path`.  If you
>> don't invoke those from your normal shell, I don't see a problem
>> removing them from the default.
> 
> As for non-sudo PATH, you can always run:
>     export PATH=$(getconf PATH)
> To get a minimal PATH setting guaranteed to include all POSIX
> utilities.

Yes, this comes very close to what I was actually aiming at. In
my environment that's just /bin and /usr/bin and this is what I
typically need in my scripts (plus sometimes /usr/local/bin).
(For interactive use I'd add that too, and also my ~/bin, e.g.)
But all the sbin directories (and other clutter) would be gone.
It practically shows that these directories are unnecessary for
a normal (non-root) user. - Good hint. Thanks.

Janis