Do any of these guard against an empty value on either side ?
"export PATH=$DIR:$PATH -
That particular pattern is way too common, and is very dangerous if
you consider the case when [$DIR or] $PATH (or whatever your variable is, like
$LD_LIBRARY_PATH) isn’t set. Then, the value will be :/path/to/dir,
which usually means both /path/to/dir and the current directory,
which is usually both unexpected behaviour and a security concern."
"export PATH=$DIR:$PATH - That particular pattern is way too common, and is very dangerous if you consider the case when [$DIR or] $PATH (or whatever your variable is, like $LD_LIBRARY_PATH) isn’t set. Then, the value will be :/path/to/dir, which usually means both /path/to/dir and the current directory, which is usually both unexpected behaviour and a security concern."