The devil they say is in details, even the simple Bash path variable can open some security problems on your box. Every Bash documentation out there warns us not leave '.' in the path (it matches current directory). They however don't seems to mention that leaving a dangling ':' (colon) at the beginning or the end of Bash $PATH does create the same security vulnerability.
Full story »
