Ensure that Root's Path Does Not Include Relative Paths or Null Directories

Description

Ensure that no directory in root’s path is a single . character and that no entry allows relative path traversal, such as an entry containing .. or one that does not begin with the slash (/) character. Also ensure that the path contains no “empty” elements, as in these examples:

PATH=:/bin
PATH=/bin:
PATH=/bin::/sbin

These empty elements have the same effect as a single . character.
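
The check described above can be scripted. The following is an added example, not part of the original rule or of any scanner's own code; the function name check_root_path and the sample PATH values other than the three listed above are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a PATH string for the entries this rule forbids.
# check_root_path is a hypothetical helper name, not part of any tool.
# Prints one line per offending element; returns 0 if clean, 1 otherwise.
check_root_path() {
    rest="$1:"      # sentinel colon so a trailing empty element is not lost
    status=0
    while [ -n "$rest" ]; do
        entry=${rest%%:*}   # text before the first colon
        rest=${rest#*:}     # everything after the first colon
        case "$entry" in
            "")
                echo "empty element (same effect as .)"; status=1 ;;
            .)
                echo "current directory: ."; status=1 ;;
            ..|../*|*/..|*/../*)
                echo "parent traversal: $entry"; status=1 ;;
            /*)
                ;;          # absolute path, acceptable
            *)
                echo "relative path: $entry"; status=1 ;;
        esac
    done
    return "$status"
}

# Constructed sample values: the three from the description plus others.
for sample in ":/bin" "/bin:" "/bin::/sbin" "/usr/sbin:/usr/bin:/sbin:/bin" \
              "/usr/bin:.:/bin" "/usr/local/../bin:/bin" "bin:/usr/bin"; do
    printf 'PATH=%s\n' "$sample"
    check_root_path "$sample" | sed 's/^/  FAIL: /'
done
```

To audit the live value, call check_root_path "$PATH" from a root login shell, since root's PATH can differ between login and non-login sessions.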

Rationale

Including these entries increases the risk that root could execute code from an untrusted location.