PATH after creating .bashrc

John B Brown jbb at vcn.com
Sun Sep 12 21:21:50 PDT 2010


You could be correct, but then there was .surc; how does that fit into 
your "run commands" general theory?

.surc was used to restrict commands in sh, ksh, csh, and finally bash. 
If "root" came in there were restrictions you set in .surc.

On 9/12/10 8:17 PM, Brandon S Allbery KF8NH wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 9/12/10 22:08 , John B Brown wrote:
>>      Wouldn't using .bashrc for it's original purpose be desirable? It was a
>> method of removing dangerous abilities from remote users; hence the rc,
>> short for remote commands. Isn't .bashrc the place to put the detection and
>> restriction of remote access.
>
> Uh, what?  "rc" means "run commands". The convention wasn't invented by the
> bash developers; it originated back before anyone much cared about network
> security (or indeed networks; 7th Research Edition Unix had no networking
> capabilities, but the "rc" convention was already well established).
>
> Moreover, if network/remote access control hasn't taken place by the time
> your shell starts up, you're already in a very bad place.  (See also the old
> r-commands, and why nobody used the "restricted shell" mode in /bin/sh and
> the capability was eventually removed.)
>
> (It's also worth noting that a script that by design is not run in login
> shells by default is a really poor place to put restrictions on said login
> shell.)
>
> .bashrc, following the convention, is Run Commands on normal shell startup.
> .profile / .bash_profile, by convention from 7th Research Edition /bin/sh,
> is run by login shells.  .bashrc is long predated by .cshrc, which serves
> the same function in csh and was implemented some 15 years before bash was
> written.
>
> - --
> brandon s. allbery     [linux,solaris,freebsd,perl]      allbery at kf8nh.com
> system administrator  [openafs,heimdal,too many hats]  allbery at ece.cmu.edu
> electrical and computer engineering, carnegie mellon university      KF8NH
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.10 (Darwin)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAkyNic8ACgkQIn7hlCsL25VthwCeP1hdS8wOgCr/n+bv6pmiHlUQ
> kDQAnRz5hiGWupoYxz+OM63ZZCRjoDnA
> =5JsS
> -----END PGP SIGNATURE-----
> _______________________________________________
> macports-users mailing list
> macports-users at lists.macosforge.org
> http://lists.macosforge.org/mailman/listinfo.cgi/macports-users
>




	Shalom,

	John B. Brown.
	[jbb at vcn.com]
	358 High Street,
	Buffalo, Wyoming
	82834

"Freedom is not worth having if it does not include
the freedom to make mistakes"  Mahatma Gandhi
"If any question why we died, tell them,
because our fathers lied."  Rudyard Kipling
"A man who does not know the truth is just an idiot
but a man who knows the truth and calls it a lie
is a crook."  Bertolt Brecht
"I wonder whether the world is being run
by smart people who are putting us on
or by imbeciles who really mean it."  Mark Twain

1-307-684-9068


More information about the macports-users mailing list