Windows – Is it safe to edit the global PATH environment variable

Tags: command line, environment-variables, path, Security, windows 10

I just recently found out that I couldn't run mysql without typing out the whole path or being in the correct directory–unless I added the path to the PATH environment variable.

I managed to do so and now I'm able to run mysql upon start-up of my command line. I'm lazy and didn't want to type out the whole path just to run mysql from cmd. Also, I didn't know of any other way to do it. I randomly came across the solution on a forum.

The only thing I'm wondering now is if this is OK/safe to do for all of my programs.

While it isn't practical, it's just a precaution.

I noticed that in some tutorials online, some people had a PATH variable for their user variable while I didn't. I only found the PATH environment variable in the system variables section. Is that a bad thing?

The only account on my PC is the administrator account. At least, that's the only account I use.

Can I get some clarity/input on this?

Best Answer

There's usually nothing dangerous about adding directories to PATH. It could only cause you problems in two ways:

  1. While using a command prompt, you might accidentally run a program you didn't intend to. Then again, if you know the programs you put on your PATH, nothing malicious will happen.
  2. Programs might find DLLs there that usually aren't loaded. The DLL search order specifies that if a requested DLL can't be found in normal locations, it will finally be looked for in the PATH places. If, say, a program optionally loaded a module by trying to load a DLL by name and not caring if it fails, someone with control of a PATH folder could cause that program to load an arbitrary DLL if one with its name isn't found earlier in the search. Incidentally, that possible security issue is why it's a bad idea to attempt to load DLLs that may or may not be present. Well-written programs won't have this problem.

You could also conceivably max out the PATH variable length, but that's not really a security issue.

Concerning your not finding the user PATH variable: if you create a per-user version of that variable, your effective PATH will be the system one automatically combined with your per-user one.
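The two points in the answer above (a PATH folder that someone else controls, and the effective PATH being the system value combined with the per-user one) can be checked with a short PowerShell audit. This is an added example, not part of the original answer; the trusted-account list and the status labels are assumptions to adjust for your machine.

```powershell
# Added example: list every PATH entry by scope (Machine = system, User = per-user)
# and flag directories in which accounts outside a trusted set may create files.
# Assumption: the accounts below are the ones you accept as writers.
$trusted   = 'NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators', 'NT SERVICE\TrustedInstaller'
# On a directory, WriteData means "create files" and AppendData "create subfolders".
$writeMask = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData'

$report = foreach ($scope in 'Machine', 'User') {
    $raw = [Environment]::GetEnvironmentVariable('Path', $scope)
    if (-not $raw) { continue }          # e.g. no per-user PATH has been created
    $entries = $raw.Split(';') | Where-Object { $_.Trim() }
    foreach ($entry in $entries) {
        $dir = [Environment]::ExpandEnvironmentVariables($entry.Trim().Trim('"'))
        $row = [pscustomobject]@{
            Scope = $scope; Directory = $dir; Status = 'ok'; WritableBy = ''
        }
        if (-not (Test-Path -LiteralPath $dir -PathType Container)) {
            # A stale entry: whoever can create this folder later controls it.
            $row.Status = 'missing'
        } else {
            $acl = Get-Acl -LiteralPath $dir -ErrorAction SilentlyContinue
            if (-not $acl) {
                $row.Status = 'unreadable'
            } else {
                $writers = $acl.Access | Where-Object {
                    $_.AccessControlType -eq 'Allow' -and
                    ($_.FileSystemRights -band $writeMask) -and
                    ($trusted -notcontains $_.IdentityReference.Value)
                } | ForEach-Object { $_.IdentityReference.Value } | Sort-Object -Unique
                if ($writers) {
                    $row.Status     = 'review'
                    $row.WritableBy = $writers -join ', '
                }
            }
        }
        $row
    }
}

# Limitation: Deny entries and ACEs expressed only as generic rights are not evaluated.
$report | Format-Table -AutoSize -Wrap
```

Entries in the User scope will normally show your own account under WritableBy; the rows worth a closer look are Machine-scope directories marked `review` or `missing`.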
