|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: [RFC] environment sanitisation wrapper
From: Sean Hunter (sean
uncarved.com)Date: Sun May 28 2000 - 09:39:22 CDT
- Next message: Sean Hunter: "Re: [RFC] environment sanitisation wrapper"
- Previous message: Andries.Brouwercwi.nl: "Re: write(1) security (was: Re: Here's another glibc env. var.)"
- Next in thread: Sean Hunter: "Re: [RFC] environment sanitisation wrapper"
- Reply: Sean Hunter: "Re: [RFC] environment sanitisation wrapper"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Given the recent debates over environment variables, I decided to
write a small wrapper to ensure a sane environment for important
programs. What it does is remove any unwanted env vars before
executing a given program. So, instead of running "foobar" you'll run
"safe_env foobar", or if foobar wants to see the BAZ env var, you do
"safe_env -s BAZ foobar" or something.
Is this at all useful? If so, what environment variables do we trust
to add to this safe_builtins list? Have I done anything dumb in the
implimentation?
Sean
- text/plain attachment: safe_env.c
- Next message: Sean Hunter: "Re: [RFC] environment sanitisation wrapper"
- Previous message: Andries.Brouwercwi.nl: "Re: write(1) security (was: Re: Here's another glibc env. var.)"
- Next in thread: Sean Hunter: "Re: [RFC] environment sanitisation wrapper"
- Reply: Sean Hunter: "Re: [RFC] environment sanitisation wrapper"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]