Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!tut.cis.ohio-state.edu!ucbvax!BRL.MIL!moss
From: moss@BRL.MIL ("Gary S. Moss", VLD/VMB)
Newsgroups: comp.sys.sgi
Subject: Re:  . in $path
Message-ID: <9004121242.aa07652@VMB.BRL.MIL>
Date: 12 Apr 90 16:42:57 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The Internet
Lines: 16

< It is actually sufficient to simply put the . LAST in the root
< path, at least for a "low security" system where you "trust"
< most of your users.  In that way, you will always execute the
< real binary first even if a user has left a TH.  They can always
< leave mistyped traps (sl for ls, us for su) but their odds of
< success go way down...
It is not necessary to misspell the TH, it is actually very common for a
privileged user to attempt to execute a binary that is not in the default
root search path, it happens all of the time.

< and besides, in a department (as opposed to a "public" facility) who
< is going to try this anyway.
If you trust *everybody* on your system, then you probably aren't reading
this, but otherwise, considering the potential harm, why risk it?  How
often do you need to search the current directory?  Personally, I leave
"." out of my normal search path, and I can type "./" *real* fast.