Date: Tue, 1 May 2007 15:35:22 -0400
From: David Schultz
To: Andrey Chernov, Alfred Perlstein, src-committers@FreeBSD.ORG, cvs-src@FreeBSD.ORG, cvs-all@FreeBSD.ORG
Subject: Re: cvs commit: src/usr.sbin/sysinstall main.c
Message-ID: <20070501193522.GA1480@VARK.MIT.EDU>

On Mon, Apr 30, 2007, David Schultz wrote:
> I think Alfred is absolutely right, and this is a pretty major
> POLA violation. As a result of these changes, I've got two ports
> (so far) and some model checking software that won't build/run
> anymore. If we've been doing something right for years, changing
> it around in order to inherit SVR4 bugs seems like a bad
> plan. Holding up your POSIX banner doesn't really make things
> okay; POSIX wasn't written by God, and we choose to ignore various
> parts of it. And considering the way various setuid programs
> attempt to sanitize their environment before doing a fork/exec,
> the change may very well have security implications.

FWIW, the env(1) change fixes at least one of these problems (in
MOPS), but I'm still rebuilding ports. I'm still a little dubious
of this change nevertheless. With any luck I'll have some time to
look into it this weekend and plow through some of the PRs that
have been tossed my way in the past few months.