Finding World-Writable Directories in Your $PATH

Problem

You want to make sure that there are no world-writable directories in root's $PATH. To see why, read Adding the Current Directory to the $PATH.

Solution

Use this simple script to check your $PATH. Use it in conjunction with su - or sudo to check paths for other users:

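#!/usr/bin/env bash
# cookbook filename: chkpath.1
# Check your $PATH for world-writable or missing directories

exit_code=0

# Split $PATH on colons (assumes no directory name contains whitespace)
for dir in ${PATH//:/ }; do
    # Flag symbolic links, then go on to test what they point to
    [ -L "$dir" ] && printf "%b" "symlink, "
    if [ ! -d "$dir" ]; then
        printf "%b" "missing\t\t"
        (( exit_code++ ))
    # Match the "other" write bit only; do not anchor on a trailing space,
    # because ls may append '.' or '+' to the mode (SELinux context, ACLs)
    elif [ "$(ls -lLd "$dir" | grep '^d.......w')" ]; then
        printf "%b" "world writable\t"
        (( exit_code++ ))
    else
        printf "%b" "ok\t\t"
    fi
    printf "%b" "$dir\n"
done
# The exit status is the number of problem directories found
exit $exit_code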

For example:

# ./chkpath
ok              /usr/local/sbin
ok              /usr/local/bin
ok              /sbin
ok              /bin
ok              /usr/sbin
ok              /usr/bin
ok              /usr/X11R6/bin
ok              /root/bin
missing         /does_not_exist
world writable  /tmp
symlink, world writable /tmp/bin
symlink, ok /root/sbin

Discussion

We convert the $PATH to a space-delimited list using the technique from Finding a File Using a List of Possible Locations, test for symbolic links (-L), and make sure the directory actually exists (-d). Then we get a long directory listing (-l), dereferencing symbolic links (-L), and listing the directory name only (-d), not the directory’s contents. Then we finally get to grep for world-writable directories.

As you can see, we spaced out the ok directories, while directories with a problem may get a ...
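The same check written as a POSIX sh function, as an added example that is not from the book: it splits on colons only (so names containing spaces survive), asks find for the world-write bit instead of parsing ls output, and also reports empty or relative $PATH entries, which go beyond what chkpath tests. The name check_path and the status strings "empty (current dir)" and "relative" are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not the book's chkpath script.
# check_path (hypothetical name) prints "status<TAB>dir" for each entry of
# the colon-separated list in $1 and returns the number of problem entries.
check_path() (
    list=$1
    case $list in *:) list=$list: ;; esac   # keep a trailing empty entry
    set -f; IFS=:                           # split on ':' only, no globbing
    problems=0
    for dir in $list; do
        status=ok
        case $dir in
            '') status='empty (current dir)' ;;  # empty entry means "."
            /*) if [ ! -d "$dir" ]; then
                    status=missing
                elif [ -n "$(find -L "$dir" -prune -perm -0002 -print)" ]; then
                    status='world writable'      # "other" write bit is set
                fi ;;
            *)  status=relative ;;               # resolved against the cwd
        esac
        [ "$status" = ok ] || problems=$((problems + 1))
        [ -L "$dir" ] && status="symlink, $status"
        printf '%s\t%s\n' "$status" "$dir"
    done
    exit "$problems"                        # subshell body: becomes $?
)

check_path "$PATH" || echo "PATH entries needing attention: $?" >&2
```

As with chkpath, a sticky world-writable directory such as /tmp is still reported as world writable.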
