Zsh Mailing List Archive
Messages sorted by: Reverse Date, Date, Thread, Author

Re: Thoughts on protecting against PATH interception via user owned profiles



Thanks. Info well received! Terminal on macOS starts a login shell for each
tab btw.

On Sun, Dec 15, 2019 at 10:43 PM Roman Perepelitsa <
roman.perepelitsa@xxxxxxxxx> wrote:

> On Sun, Dec 15, 2019 at 3:31 PM Andrew Parker
> <andrew.j.c.parker@xxxxxxxxx> wrote:
> >
> > Oh man. Back at keyboard now. I see this is nothing zsh specific. The
> solution was right in front of me all the time. Just exit 1 from
> /etc/profile will work in bash.
>
> Note that /etc/profile is sourced by bash only when starting a login
> shell. It's not sourced when connecting over SSH, when running
> non-interactively or when starting an interactive shell without
> `--login`. Many (most? all?) graphical terminals start non-interactive
> shell when opening a new tab.
>
> All zsh processes start by sourcing /etc/zshenv (the actual location
> is hard-coded in the binary and can be overridden when building zsh)
> but there is no equivalent file for bash.
>
> I don't know if this makes any difference to your defense strategy but
> thought it might be worth mentioning.
>
> Roman.
>


Messages sorted by: Reverse Date, Date, Thread, Author