From owner-cvs-all@FreeBSD.ORG Tue May 1 00:07:25 2007 Return-Path: X-Original-To: cvs-all@FreeBSD.org Delivered-To: cvs-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id B177616A404; Tue, 1 May 2007 00:07:25 +0000 (UTC) (envelope-from ache@nagual.pp.ru) Received: from nagual.pp.ru (nagual.pp.ru [194.87.13.69]) by mx1.freebsd.org (Postfix) with ESMTP id B24F213C43E; Tue, 1 May 2007 00:02:44 +0000 (UTC) (envelope-from ache@nagual.pp.ru) Received: from nagual.pp.ru (ache@localhost [127.0.0.1]) by nagual.pp.ru (8.14.1/8.14.1) with ESMTP id l4102hTg020401; Tue, 1 May 2007 04:02:43 +0400 (MSD) (envelope-from ache@nagual.pp.ru) Received: (from ache@localhost) by nagual.pp.ru (8.14.1/8.14.1/Submit) id l4102g4s020400; Tue, 1 May 2007 04:02:42 +0400 (MSD) (envelope-from ache) Date: Tue, 1 May 2007 04:02:42 +0400 From: Andrey Chernov To: Alfred Perlstein , src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org Message-ID: <20070501000242.GA19510@nagual.pp.ru> Mail-Followup-To: Andrey Chernov , Alfred Perlstein , src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org References: <200704301516.l3UFGJbu019162@repoman.freebsd.org> <20070430180043.GK13868@elvis.mu.org> <20070430181824.GA83415@nagual.pp.ru> <20070430225717.GA7008@VARK.MIT.EDU> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20070430225717.GA7008@VARK.MIT.EDU> User-Agent: Mutt/1.5.15 (2007-04-06) Cc: Subject: Re: cvs commit: src/usr.sbin/sysinstall main.c X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 May 2007 00:07:25 -0000 On Mon, Apr 30, 2007 at 06:57:17PM -0400, David Schultz wrote: > I think Alfred is absolutely right, and this is a pretty major > POLA violation. That's -current for. Do you suggest to wait yet more N years to commit exact that stuff? > As a result of these changes, I've got two ports > (so far) and some model checking software that won't build/run > anymore. Please be specific, which ports exactly? Otherwise there is no useful information in your statement. > If we've been doing something right for years, changing > it around in order to inherit SVR4 bugs seems like a bad > plan. Holding up your POSIX banner doesn't really make things > okay; POSIX wasn't written by God, and we choose to ignore various > parts of it. There is no SVR4 bugs in this commit. Just more strict args checking (which really helps to catch poorly written things and have nothing common with SVR4) and clarifying that portable putenv() does not save arg. Please send all your possible complains to the Open Group, perhaps they change standard. Until that we (and software developers which try to make things portable) have no other alternative. Currrently we ignore just very minor things and don't need to increase that number without urgent needs. Other things are simple not implemented not ignored. > And considering the way various setuid programs > attempt to sanitize their environment before doing a fork/exec, > the change may very well have security implications. Sanitizing environment is completely unrelated to all of that. -- http://ache.pp.ru/