Re: PATH variable in zip-slackware 2.0.35

[schon () INAME COM (Karl Stevens)]

Have to comment here one last time:

On 02-Jan-99, kay wrote:
> > Actually, this is the default path for USERS, not for root (Slackware 3.4,
> > 3.5, 3.6) The default path for root is
> > /usr/local/sbin:/usr/local/bin:/sbin:/usr/sbin:/bin:/usr/bin
>
> This is not true. This is output from a clean Slackware 3.6:

Well, it's true on ALL of my systems (14 to date) :

schon:~$ echo $PATH

/usr/local/bin:/bin:/usr/bin:/usr/X11/bin:/usr/andrew/bin:/usr/openwin/bin:/usr/
games:.
schon:~$ su
Password:
schon:/home/karl# echo $PATH

/usr/local/sbin:/usr/local/bin:/sbin:/usr/sbin:/bin:/usr/bin

> A quick look through the init scripts reveals no distinguish whether they
> run as root, other privileged uid, or something.

Another quick look reveals this:

schon:/etc# grep 'ENV_SUPATH' /etc/login.defs
# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.

ENV_SUPATH
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/usr/sbin:/bin:/usr/bin

> > The problem specified in the previous posts is only present in the zipslack
> > distribution.
>
> This is not true as well. If it was only present in zipslack noone would
> care. I personally wouldn't run a secure server on zipslack/umsdos.

It is true, as far as I have tested.  14 boxen with regular slackware vs.
the one zipslack from the original poster. (I emailed him to verify)

Granted there are problems with security on a default slackware install
(including ttyp's in /etc/securetty for one) I don't think this is
really one of them.. either that, or I'm doing something totally different
than you are during install.

-Karl