From owner-freebsd-rc@freebsd.org Fri Jan 25 18:55:41 2019 Return-Path: Delivered-To: freebsd-rc@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A914014BEA48 for ; Fri, 25 Jan 2019 18:55:41 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 3CD5A6AA9A for ; Fri, 25 Jan 2019 18:55:41 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 00B0714BEA45; Fri, 25 Jan 2019 18:55:41 +0000 (UTC) Delivered-To: rc@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D284814BEA43 for ; Fri, 25 Jan 2019 18:55:40 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 7290C6AA98 for ; Fri, 25 Jan 2019 18:55:40 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id B26311ED for ; Fri, 25 Jan 2019 18:55:39 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x0PItdbR003137 for ; Fri, 25 Jan 2019 18:55:39 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x0PItd5a003136 for rc@FreeBSD.org; Fri, 25 Jan 2019 18:55:39 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: rc@FreeBSD.org Subject: [Bug 235185] www/fcgiwrap: environment should be cleaned in /usr/local/etc/rc.d/fcgiwrap Date: Fri, 25 Jan 2019 18:55:38 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: rgrimes@FreeBSD.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: rodrigo@FreeBSD.org X-Bugzilla-Flags: maintainer-feedback? X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jan 2019 18:55:41 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D235185 --- Comment #17 from Rodney W. Grimes --- (In reply to Devin Teske from comment #15) This idea is appladable, but what is the default value of this knob? If it is yes so that the environment is sanitized satisfying vas@'s desires= it would be a POLA violation for anyone who has been using environment variabl= es to effect things started by rc.d scripts. If it is no, leaving the system function as is so no POLA or breakage it wo= uld not achieve what vas@ is asking for. And in either case one would not likely find this subtle knob addition that effects this change for what is now looking to be a small edge case of slop= py admins that work as root with poluted ENV invoking daemon starting scripts directly rather than using the services wrap (which someone did find to be doing the sanitization asked for and hence I now deam the correct solution = to this bug report, no change needed.) All that being said, I would in no way object to: a) Adding a env -i to the rc.d/fcgiwrap start script AND submitting a repo= rt to the author asking that he clean up its act b) Adding a knob to /etc/defaults/rc.conf that does Devin's global type en= v -i to the rc.d system with a default value of off c) Documenting in services.8 more clearly that: a) It really does do a full revoke with only PATH and HOME exported fr= om the environment it seems a bit unclear as it is written today. b) That directly invoking a rc.d/script may or may not have this clean= ing done depnding on the new knob in b). --=20 You are receiving this mail because: You are on the CC list for the bug.=