PATH (variable) 📖 Wikipedia

PATH is an environment variable on Unix-like operating systems, DOS, OS/2, and Microsoft Windows, specifying a set of directories where executable programs are located. In general, each executing process or user session has its own PATH setting.

Multics originated the idea of a search path. The early Unix shell only looked for program names in /bin, but by Version 3 Unix the directory was too large and /usr/bin, and a search path, became part of the operating system.^[1]

On POSIX and Unix-like operating systems, the $PATH variable is specified as a list of one or more directory names separated by colon (:) characters.^[2][3] Directories in the PATH-string are not meant to be escaped, making it impossible to have directories with : in their name.^[4]

The /bin, /usr/bin, and /usr/local/bin directories are typically included in most users' $PATH setting (although this varies from implementation to implementation). The superuser also typically has /sbin and /usr/sbin entries for easily executing system administration commands. The current directory (.) is sometimes included by users as well, allowing programs residing in the current working directory to be executed directly. System administrators as a rule do not include it in $PATH in order to prevent the accidental execution of scripts residing in the current directory, such as may be placed there by a malicious tarbomb. In that case, executing such a program requires specifying an absolute (/home/userjoe/bin/script.sh) or relative path (./script.sh) on the command line.

When a command name is specified by the user or an exec call is made from a program, the system searches through $PATH, examining each directory from left to right in the list, looking for a filename that matches the command name. Once found, the program is executed as a child process of the command shell or program that issued the command.

On DOS, OS/2, and Windows operating systems, the %PATH% variable is specified as a list of one or more directory names separated by semicolon (;) characters.^[5]

The Windows system directory (typically C:\WINDOWS\system32) is typically the first directory in the path, followed by many (but not all) of the directories for installed software packages. Many programs do not appear in the path as they are not designed to be executed from a command window, but rather from a graphical user interface. Some programs may add their directory to the front of the PATH variable's content during installation, to speed up the search process and/or override OS commands. In the DOS era, it was customary to add a PATH {program directory};%PATH% or SET PATH={program directory};%PATH% line to AUTOEXEC.BAT.

When a command is entered in a command shell or a system call is made by a program to execute a program, the system first searches the current working directory and then searches the path, examining each directory from left to right, looking for an executable filename that matches the command name given. Executable programs have filename extensions of EXE or COM, and batch scripts have extensions of BAT or CMD. Other executable filename extensions can be registered with the system as well.

Once a matching executable file is found, the system spawns a new process that runs it.

The PATH variable makes it easy to run commonly used programs located in their own folders. If used unwisely, however, the value of the PATH variable can slow down the operating system by searching too many locations, or invalid locations.

Invalid locations can also stop services from running altogether, especially the 'Server' service which is usually a dependency for other services within a Windows Server environment.

Improper use of the PATH variable can introduce security vulnerabilities. In particular, if a program invokes external commands without specifying absolute paths, it may be susceptible to path hijacking (also known as PATH injection), where an attacker places a malicious executable in a directory that appears earlier in the search path. This can result in unintended or malicious code being executed, especially in programs running with elevated privileges.^[6]

New