The most desired effect of adding a folder to the PATH environment variable is that typing the name of a program in that folder can run it. There is one other, more subtle effect.
The DLL search order specifies where Windows will look for a DLL file when a program loads it only by file name. The last thing searched is the collection of folders on the PATH. Therefore, if a program attempts to load a DLL that's usually absent (e.g. it's an optional module), it might accidentally find it if you have an appropriately named file in a PATH folder. This could lead to security issues if you put a per-user folder on the system PATH.
Fortunately, loading a DLL by file name only is inadvisable, so well-written programs shouldn't do that.
Based on my Super User answer.
No comments:
Post a Comment