Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add only trusted projects' bin directory to $PATH #191

Closed
wants to merge 1 commit into from
Closed

Add only trusted projects' bin directory to $PATH #191

wants to merge 1 commit into from

Commits on Jan 21, 2014

  1. Add only trusted projects' bin directory to $PATH 

    Assuming the binstubs for a project are in the local bin/ directory, you
can even go a step further to add the directory to shell $PATH so that
rspec can be invoked without the bin/ prefix:

    export PATH="./bin:$PATH"

Doing so on a system that other people have write access to
(such as a shared host) is a security risk:

rbenv/rbenv#309

The `.git/safe` convention addresses the security problem:

https://twitter.com/tpope/status/165631968996900865

Put this in `zshenv` because:

http://zsh.sourceforge.net/Intro/intro_3.html

> `.zshenv' is sourced on all invocations of the shell, unless the -f
> option is set. It should contain commands to set the command search
> path.

Load `zshenv.local` config at the end of the file so that users can
extend their `zshenv` needs in their personal dotfiles using `rcup`.
    Dan Croak committed Jan 21, 2014
    Configuration menu
    Copy the full SHA
    d670205 View commit details
    Browse the repository at this point in the history