From owner-cvs-all@FreeBSD.ORG Mon Apr 30 18:18:27 2007 Return-Path: X-Original-To: cvs-all@FreeBSD.org Delivered-To: cvs-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 246A716A403; Mon, 30 Apr 2007 18:18:27 +0000 (UTC) (envelope-from ache@nagual.pp.ru) Received: from nagual.pp.ru (nagual.pp.ru [194.87.13.69]) by mx1.freebsd.org (Postfix) with ESMTP id 8072913C4C5; Mon, 30 Apr 2007 18:18:26 +0000 (UTC) (envelope-from ache@nagual.pp.ru) Received: from nagual.pp.ru (ache@localhost [127.0.0.1]) by nagual.pp.ru (8.14.1/8.14.1) with ESMTP id l3UIIPOT083519; Mon, 30 Apr 2007 22:18:25 +0400 (MSD) (envelope-from ache@nagual.pp.ru) Received: (from ache@localhost) by nagual.pp.ru (8.14.1/8.14.1/Submit) id l3UIIP5r083518; Mon, 30 Apr 2007 22:18:25 +0400 (MSD) (envelope-from ache) Date: Mon, 30 Apr 2007 22:18:25 +0400 From: Andrey Chernov To: Alfred Perlstein Message-ID: <20070430181824.GA83415@nagual.pp.ru> Mail-Followup-To: Andrey Chernov , Alfred Perlstein , src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org References: <200704301516.l3UFGJbu019162@repoman.freebsd.org> <20070430180043.GK13868@elvis.mu.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20070430180043.GK13868@elvis.mu.org> User-Agent: Mutt/1.5.15 (2007-04-06) Cc: cvs-src@FreeBSD.org, src-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/usr.sbin/sysinstall main.c X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Apr 2007 18:18:27 -0000 On Mon, Apr 30, 2007 at 11:00:43AM -0700, Alfred Perlstein wrote: > * Andrey A. Chernov [070430 08:17] wrote: > > ache 2007-04-30 15:16:19 UTC > > > > FreeBSD src repository > > > > Modified files: > > usr.sbin/sysinstall main.c > > Log: > > Preparing for upcoming POSIXed putenv() rewrite: > > don't allow const as putenv() arg, dup it > > > > Revision Changes Path > > 1.75 +1 -1 src/usr.sbin/sysinstall/main.c > > Maybe this was mentioned on the lists, but couldn't there be some > kind of define that old code could use like #define BSD_PUTENV? Why? We must follow standards to stay in line with possible concurrents, and we already are several years later with that. Even in case some applications will be found incompatible, they forced to follow standards too to continue works in the modern environment. > I'm concerned that all these changes could lead to security > holes. Please be specific. Which changes exactly you means? Changes to applications works with any putenv() kind, they are just portablility fixes, no holes there. Changes to the library aren't under the question too: you can just directly modify **environ variable from your own code bypassing any setenv and putenv - they are just convenient interface. -- http://ache.pp.ru/