1 |
On Monday 22 August 2005 12:52, Drake Wyrm wrote: |
2 |
> Alec Warner <warnera6@×××××××.edu> wrote: |
3 |
> > Was talking with Brian about the build environment and how settings |
4 |
> > were to be passed into the build environment. |
5 |
> > |
6 |
> > Essentially three scenarios were presented. |
7 |
> |
8 |
> Snip and summary: |
9 |
> |
10 |
> 1) Pass everything |
11 |
> |
12 |
> 2) Blacklist and strip bad stuff |
13 |
> |
14 |
> 3) Whitelist good stuff; strip everything else |
15 |
> |
16 |
> > To me 1) is unacceptable and 3) is the best option. Feel free to |
17 |
> > shoot these down as you see fit ;) |
18 |
> |
19 |
> Option 4: Strip everything. |
20 |
> |
21 |
> Nothing is passed from the original environment; everything passed in the |
22 |
> environment is considered to be a "portage variable". This, I suppose, |
23 |
> is an extreme case of the whitelist. |
24 |
|
25 |
Well, I'll go against the flow. ;) |
26 |
|
27 |
My preference would go 4, 3, 2 then 1. While Makefiles and configure scripts |
28 |
may be "broken" upstream, how long is it before the breakage goes |
29 |
unnoticed? More importantly, what's the chances of a dev finding the |
30 |
breakage before users? Cleansing the environment to me is akin to using |
31 |
sandbox. It offers protection against misbehaving packages... |
32 |
|
33 |
-- |
34 |
Jason Stubbs |