Why would someone set a shell variable with `which` before invoking utility?

Question

I used to work with another, more experienced programmer who would put almost ALL of the utility calls within a shell script in the following manner:

FOO=`which foo`

$FOO -bar

After working with the guy for over a year, I knew pretty well that he was not the type to do these things on a whim, but I never really paid attention until he quit and i had to start maintaining his code. My only assumption is that, being an OpenBSD proponent and VERY security minded, it might have something to do with permissions or being able to test whether the user running the script had permissions? To counter this, however, I don't recall him ever testing against the success of setting those variables.

Answer 1

Using 'which' this way is pretty much a no-op, but it makes it much easier to maintain the code if you want to specify a utility. For example, if you find yourself running somewhere that has two installed FOO tools, and one is known be be problematic, you can hard code the correct FOO in the script and users who may have their PATH set to use the broken FOO will not be harmed (or call an insecure FOO). By assigning the value early, assigning a specific value is localized to one change rather than spreading to every instance in the script.

Answer 2

I would say that code significantly reduces, maybe not security, but correctness. Suppose you expect to find foo in the path as /usr/bin/foo, and that utility is supposed to parse some file and emit some text. So you release the script into production. Then some user happens to have a $HOME/bin/foo script that, say, launches a music app, and this user has put ~/bin before /usr/bin in his PATH. Now, for that user, your script is broken.