A few common security best practices to apply to your .bashrc or .bash_profile files, or at the system-level in the /etc/profile or /etc/bashrc files.

#!/usr/bin/env bash

# cookbook filename: security_template

# Set a sane/secure path
PATH='/usr/local/bin:/bin:/usr/bin'
# It's almost certainly already marked for export, but make sure
\export PATH
# NOTE: The leading \, which suppresses alias expansion is very important because
# without it you can do evil things...

# Clear all aliases. Important: leading \ inhibits alias expansion
\unalias -a
# NOTE: The leading \, which suppresses alias expansion is very important because
# without it you can do evil things...

# Clear the command path hash
hash -r

# Set the hard limit to 0 to turn off core dumps
ulimit -H -c 0 --

# Set a sane/secure IFS (note this is bash & ksh93 syntax only--not portable!)
IFS=$' \t\n'

# Set a sane/secure umask variable and use it
# Note this does not affect files already redirected on the command line
# 002 results in 0774 perms, 077 results in 0700 perms, etc...
UMASK=002
umask $UMASK

until [ -n "$temp_dir" -a ! -d "$temp_dir" ]; do
    temp_dir="/tmp/meaningful_prefix.${RANDOM}${RANDOM}${RANDOM}"
done
mkdir -p -m 0700 $temp_dir \
  || (echo "FATAL: Failed to create temp dir '$temp_dir': $?"; exit 100)

# Do our best to clean up temp files no matter what
# Note $temp_dir must be set before this, and must not change!
cleanup="rm -rf $temp_dir"
trap "$cleanup" ABRT EXIT HUP INT QUIT