Mercurial > hg > aboriginal
changeset 1175:886a2ea90bc1
Add sanitize_environment to unset unrecognized environment variables.
author | Rob Landley <rob@landley.net> |
---|---|
date | Sun, 25 Jul 2010 23:25:58 -0500 |
parents | 5061606337d0 |
children | 29c86692f80d |
files | config sources/include.sh sources/utility_functions.sh |
diffstat | 3 files changed, 33 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/config Sun Jul 25 14:29:01 2010 -0500 +++ b/config Sun Jul 25 23:25:58 2010 -0500 @@ -82,6 +82,10 @@ # export PREFERRED_MIRROR=http://impactlinux.com/fml/mirror +# Set this if you don't want to drop all unrecognized environment variables. + +# NO_SANITIZE_ENVIRONMENT=1 + # If set, the toybox utilities will take precedence over busybox ones. # (Probably obsolete.)
--- a/sources/include.sh Sun Jul 25 14:29:01 2010 -0500 +++ b/sources/include.sh Sun Jul 25 23:25:58 2010 -0500 @@ -11,7 +11,7 @@ # Avoid trouble from unexpected environment settings -unset CROSS_COMPILE ARCH CDPATH +[ -z "$NO_SANITIZE_ENVIRONMENT" ] && sanitize_environment # List of fallback mirrors to download package source from
--- a/sources/utility_functions.sh Sun Jul 25 14:29:01 2010 -0500 +++ b/sources/utility_functions.sh Sun Jul 25 23:25:58 2010 -0500 @@ -2,6 +2,34 @@ # This file contains generic functions, presumably reusable in other contexts. +# Unset all environment variables that we don't know about, in case some crazy +# person already exported $CROSS_COMPILE, $ARCH, $CDPATH, or who knows what +# else. It's hard to know what might drive some package crazy, so use a +# whitelist. + +sanitize_environment() +{ + # Which variables are set in config? + + TEMP=$(echo $(sed -n 's/.*export[ \t]*\([^=]*\).*/\1/p' config) | sed 's/ /,/g') + + # What other variables should we keep? + + TEMP="$TEMP,LANG,PATH,TOPSHELL,START_TIME" + TEMP="$TEMP,SHELL,TERM,USER,USERNAME,LOGNAME,PWD,EDITOR,HOME,DISPLAY,_" + + # Unset any variable we don't recognize. It can screw up the build. + + for i in $(env | sed 's/=.*//') + do + is_in_list $i "$TEMP" && continue + [ "${i:0:7}" == "DISTCC_" ] && continue + [ "${i:0:7}" == "CCACHE_" ] && continue + + unset $i + done +} + # Assign (export) a variable only if current value is blank export_if_blank()