From owner-cvs-all Thu Jan 4 11:21:53 2001 From owner-cvs-all@FreeBSD.ORG Thu Jan 4 11:21:48 2001 Return-Path: Delivered-To: cvs-all@freebsd.org Received: from gratis.grondar.za (grouter.grondar.za [196.7.18.65]) by hub.freebsd.org (Postfix) with ESMTP id 4E07A37B404; Thu, 4 Jan 2001 11:21:44 -0800 (PST) Received: from grondar.za (root@gratis.grondar.za [196.7.18.133]) by gratis.grondar.za (8.11.1/8.11.1) with ESMTP id f04JLLY07292; Thu, 4 Jan 2001 21:21:25 +0200 (SAST) (envelope-from mark@grondar.za) Message-Id: <200101041921.f04JLLY07292@gratis.grondar.za> To: Garrett Wollman Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/usr.bin/apply apply.c References: <200101041909.OAA61522@khavrinen.lcs.mit.edu> In-Reply-To: <200101041909.OAA61522@khavrinen.lcs.mit.edu> ; from Garrett Wollman "Thu, 04 Jan 2001 14:09:53 EST." Date: Thu, 04 Jan 2001 21:21:17 +0200 From: Mark Murray Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > < said: > > > Use getusershell() to make sure the SHELL environment variable passed is > > safe to use. Add new option -s to allow anal users to pass things like > > perl; this option is here along with getusershell() checking since the > > such checking is only intended to affect things like suidperl that might > > call apply(1). > > What is the reason for this change? Source code clean-up A' la BDEFLAGS. > I see no benefit in modifying many programs in this manner which do > not ordinarily run with elevated privileges. IMO, all programs that run ${SHELL} should do this. One less thing to worry about. Any runshell(3) call (I know there is not one ATM) should have this functionality by default. > It is the responsibility of those programs that do, to ensure that the > environment passed to their children is safe and sane. That is a fine supplement. We all know how well users write their scripts :-). M -- Mark Murray Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message