changeset 1175:886a2ea90bc1

Add sanitize_environment to unset unrecognized environment variables.
author Rob Landley <rob@landley.net>
date Sun, 25 Jul 2010 23:25:58 -0500
parents 5061606337d0
children 29c86692f80d
files config sources/include.sh sources/utility_functions.sh
diffstat 3 files changed, 33 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/config	Sun Jul 25 14:29:01 2010 -0500
+++ b/config	Sun Jul 25 23:25:58 2010 -0500
@@ -82,6 +82,10 @@
 
 # export PREFERRED_MIRROR=http://impactlinux.com/fml/mirror
 
+# Set this if you don't want to drop all unrecognized environment variables.
+
+# NO_SANITIZE_ENVIRONMENT=1
+
 # If set, the toybox utilities will take precedence over busybox ones.
 # (Probably obsolete.)
 
--- a/sources/include.sh	Sun Jul 25 14:29:01 2010 -0500
+++ b/sources/include.sh	Sun Jul 25 23:25:58 2010 -0500
@@ -11,7 +11,7 @@
 
 # Avoid trouble from unexpected environment settings
 
-unset CROSS_COMPILE ARCH CDPATH
+[ -z "$NO_SANITIZE_ENVIRONMENT" ] && sanitize_environment
 
 # List of fallback mirrors to download package source from
 
--- a/sources/utility_functions.sh	Sun Jul 25 14:29:01 2010 -0500
+++ b/sources/utility_functions.sh	Sun Jul 25 23:25:58 2010 -0500
@@ -2,6 +2,34 @@
 
 # This file contains generic functions, presumably reusable in other contexts.
 
+# Unset all environment variables that we don't know about, in case some crazy
+# person already exported $CROSS_COMPILE, $ARCH, $CDPATH, or who knows what
+# else.  It's hard to know what might drive some package crazy, so use a
+# whitelist.
+
+sanitize_environment()
+{
+  # Which variables are set in config?
+
+  TEMP=$(echo $(sed -n 's/.*export[ \t]*\([^=]*\).*/\1/p' config) | sed 's/ /,/g')
+
+  # What other variables should we keep?
+
+  TEMP="$TEMP,LANG,PATH,TOPSHELL,START_TIME"
+  TEMP="$TEMP,SHELL,TERM,USER,USERNAME,LOGNAME,PWD,EDITOR,HOME,DISPLAY,_"
+
+  # Unset any variable we don't recognize.  It can screw up the build.
+
+  for i in $(env | sed 's/=.*//')
+  do
+    is_in_list $i "$TEMP" && continue
+    [ "${i:0:7}" == "DISTCC_" ] && continue
+    [ "${i:0:7}" == "CCACHE_" ] && continue
+
+    unset $i
+  done
+}
+
 # Assign (export) a variable only if current value is blank
 
 export_if_blank()