Fix your Ruby environment problems (opens in new tab)

(technotes.iangreenleaf.com)

10 pointsyoungian11y ago4 comments

4 comments

  export PATH=./bin:$PATH

Am I the only one who thinks adding this to your login scripts is a terrible idea?

jbrechtel11y ago

No, you're not alone.

To be explicit about why, for others, this means your shell will search for executables in a 'bin' sub directory of whatever directory you happen to be in BEFORE it searches your normal path.

This allows for common commands like 'ls' to be executed from ./bin, if they're present, instead of /bin (from your system).

Once you've done this you've opened yourself up to an attack where you download a zip from the internet, extract it, cd into the directory and type 'ls' and you may have potentially executed something from that zip which you didn't intend to do.

tldr - relative paths in your $PATH is a bad idea.

youngianOP11y ago

Yeah, I wondered if I should add a caveat in there about this. I forewent it because I thought it would confuse people more than anything, and because I've never found this particular concern all that worrisome for the average developer. But maybe it's worth mentioning, in a footnote if nothing else.

bazzargh11y ago

No, you're not. It's not even the best solution in this case. I'd install the rbenv-binstubs plugin:

https://github.com/ianheggie/rbenv-binstubs

And the rbenv-gem-rehash plugin:

https://github.com/sstephenson/rbenv-gem-rehash

... and let them take care of setting the local paths, and you never have to generate binstubs manually either. (YMMV, of course, but this works pretty well)

j / k navigate · click thread line to collapse