| 1 |
On Wed, 2005-08-31 at 09:25 +0200, Martin Schlemmer wrote: |
| 2 |
> On Tue, 2005-08-30 at 22:21 -0400, Mike Frysinger wrote: |
| 3 |
> > On Tuesday 30 August 2005 10:15 pm, Martin Schlemmer wrote: |
| 4 |
> > > On Tue, 2005-08-30 at 21:57 -0400, Mike Frysinger wrote: |
| 5 |
> > > > On Tuesday 30 August 2005 09:41 pm, Sven Köhler wrote: |
| 6 |
> > > > > > init.d scripts should have a pure env given to them ... which means, |
| 7 |
> > > > > > they should be run with `env -i` and have only whitelisted variables |
| 8 |
> > > > > > given to them (and everything that appears in /etc/conf.d/$service |
| 9 |
> > > > > > /etc/conf.d/rc and /etc/rc.conf) ... |
| 10 |
> > > > > |
| 11 |
> > > > > Now that may be too few variables. At least the variable LANG (or |
| 12 |
> > > > > whatever the system-admin may chose to set) could be seen as a |
| 13 |
> > > > > system-wide language-setting. It could be intentional, that at least |
| 14 |
> > > > > some variables are available to the started server-processes. |
| 15 |
> > > > > Especially a system-wide language-setting would be a good idea. |
| 16 |
> > > > |
| 17 |
> > > > that is the point of the whitelist idea ... we gather a 'full |
| 18 |
> > > > env' (source /etc/profile i guess) and rip out just the whitelisted |
| 19 |
> > > > variables to pass on to init scripts |
| 20 |
> > > |
| 21 |
> > > Although I agree, my personal opinion is that its going to be a major |
| 22 |
> > > PITA to maintain, and slow things down. |
| 23 |
> > |
| 24 |
> > with the first run, we cache the 'scrubbed' env, and then just use that in the |
| 25 |
> > future ? |
| 26 |
> > |
| 27 |
> |
| 28 |
> We both know when somebody finally notice that, they will bitch because |
| 29 |
> the environment is not updated :) Damn, did I just point that out ? 8) |
| 30 |
> |
| 31 |
> > > Also, not only runscript.sh |
| 32 |
> > > will have to be 'whitelisted', but also /sbin/rc, which will mean that |
| 33 |
> > > we now have to wrap two things. I guess a solution could have been to |
| 34 |
> > > use /sbin/runscript (the C thing) for both (should work fine |
| 35 |
> > > as /sbin/rc's interpreter as well), as that would buy some speed and |
| 36 |
> > > kill one bash fork, but the problem comes in when we start with a |
| 37 |
> > > vanilla environment that do not have /etc/profile sourced. |
| 38 |
> > |
| 39 |
> > mmm unification is good :) |
| 40 |
> |
| 41 |
> I did not argue .. was just wondering how much gain (tears?) it will |
| 42 |
> bring us :) |
| 43 |
> |
| 44 |
|
| 45 |
Ok, the thing via /sbin/runscript won out - in baselayout-1.12.0_pre8. |
| 46 |
|
| 47 |
|
| 48 |
-- |
| 49 |
Martin Schlemmer |
Archives