|
|
|
|
|
|
by vitus
5428 days ago
|
|
|
I haven't really used Ruby much until recently, but what's wrong with just setting the GEM_HOME environment variable? Wholeheartedly agree with not using sudo if not necessary, though. That seems to have become a bad habit for a lot of people. |
|
|
`/usr/local/bin` is typically in root's PATH, so root will faithfully search for programs in this directory. If root (or an admin group) does not have sole write privileges to that directory, it becomes a very easy to exploit privilege escalation vulnerability.
What _is_ risky about running `sudo make install` and the like, is that the Makefile may have malicious / risky code that may get executed as root.
Summary:
If you trust / verify the code you are installing, and you want it to be globally available, install it with sudo.
If you aren't willing to install as root, but want it to be available to a group of users, install to another directory not in root's PATH.
Otherwise just install to ~/bin