...
- If you must depend on an externally-provided path, combine prepending known locations to the beginning of the PATH, with sanitizing the rest of it. For example, you can add a line to the beginning of your program such as:
- bash shell:
export PATH="/bin:/usr/bin:$(sanitize "$PATH")"
...