1. What is the PATH?
I got the below definition from
this site.
PATH
The PATH variable contains the names of directories to be searched for programs that correspond to command names. When you issue a command to the shell, the shell searches sequentially through each directory in the PATH list until it finds an executable program with the command name you typed.
I think that this makes things quite clear.
2. What is kept in the path?
Continuing from the answer of the first question, this list is a colon ':' seperated list of directories. So a user's path can look like this:
$ echo $PATH
/usr/bin:/usr/local/bin
You can set the path in sh,ksh and bash in the following manner:
$ PATH=/usr/bin:/usr/local/bin:/usr/ucb; export PATH
OR
$ PATH=$PATH:/usr/ucb; export PATH # this will set the new path to whatever the old path was and the directory /usr/ucb
3. What is the .profile?
Now you may not want to manually set the path in the above manner every time you login - maybe you want to automate this. This can be done using the .profile file. This is a file that is present in every user's home directory. It contains various settings that the user wants to personalize. This file is read when the user logs in using sh/ksh and the variables in the file are set in the environment. So if you write a 'PATH=..; export PATH' statement in the file, then the PATH is set for you during your login.
5. Every user does have his own path. The variable may have the same value as some other users' path, but it is handled seperately for each program that the user runs.
I saved the 4th question for last:
If you (root) specify the PATH variable as follows:
PATH=/usr/bin:
.:/usr/sbin:/sbin:/usr/local/bin
and you run a command such as mount which is in /usr/sbin, then your shell will look through the directories in your path in the order of '/usr/bin', '.' (which is the current working directory), and then '/usr/sbin' where it will find the mount command.
But note that the '.' is searched very early on. If you are working from the /tmp directory, and a hacker keeps a shell script called mount in that directory, then the shell script /tmp/mount will be executed as the shell will find that first - so /usr/sbin/mount is never run. Now in this shell script, the hacker may have written anything that (s)he wants and whatever commands are in there will run with root privileges.
That is what the statement in blue means. Do not set the '.' (current working directory) in the root's path. And have a line in the root's .profile file set the PATH variable without using any prior PATH value.
i.e. the variable should be set as:
PATH=/usr/bin:/usr/sbin:/sbin; export PATH
and not as:
PATH=$PATH:/usr/sbin:/sbin; export PATH