HiveBrain v1.2.0
Get Started
← Back to all entries
patternbashMinor

A replacement for OSX's path_helper

Submitted by: @import:stackexchange-codereview··
0
Viewed 0 times
path_helperosxforreplacement

Problem

I was having problems setting my path the way I wanted, I turned to Apple's path_helper but found it appends system dirs to the beginning of the path. I found someone had made a start on a replacement and I forked it and made some updates.

I don't write a lot of shell scripts, and less so to replace system supplied programs. As such, I'm wondering 2 main things:

  • Does this follow best practices for a shell script?



  • Is there an obvious security flaw? I'm most reticent about the line that isn't in the script itself but that calls it



The suggestion is to put this in ~/.bash_profile or ~/.zshenv:

if [ -x /usr/local/libexec/path_helper ]; then
  eval `/usr/local/libexec/path_helper`
fi


Evals make me nervous. Is that okay in this context?

From https://github.com/yb66/path_helper

#!/bin/bash -

## A better path helper - don't put the standard bins first.

function path_helper {
  local -a path_dirs
  local envvar=$1
  local target=`echo $1 | /usr/bin/awk '{print tolower($1)}'`
  local etcpaths="/etc/${target}s"
  local etcpathsd="${etcpaths}.d/*"

  while read -r dir ; do
      if [ "${#path_dirs[@]}" == "0" ]; then
          path_dirs=${dir}
      else
          path_dirs+=":${dir}"
      fi
  done < <(/bin/cat ${etcpathsd} ${etcpaths})

  path_dirs=($(echo ${path_dirs[@]} | /usr/bin/tr [:space:] '\n' | /usr/bin/awk '!a[$0]++'))
  echo "${envvar}=\"\${${envvar}}:${path_dirs[@]}\"; export ${envvar};"
}

path_helper "PATH"

# Only handle MANPATH if the variable hasn't already been set.
if [ -z "$MANPATH" ]; then
  path_helper "MANPATH"
fi
# EOF

Solution

As to the security of this:

if [ -x /usr/local/libexec/path_helper ]; then
  eval `/usr/local/libexec/path_helper`
fi


This runs the path_helper script, which presumably outputs a string, and then the command represented by the output string is run in the local context. So this initially presumes you trust path_helper to run anything it wants. I don't think path_helper could much more damage by running something in your shell instead of what it already ran in a sub-shell.

Code Snippets

if [ -x /usr/local/libexec/path_helper ]; then
  eval `/usr/local/libexec/path_helper`
fi

Context

StackExchange Code Review Q#157450, answer score: 4

Revisions (0)

No revisions yet.