From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from smtp.gentoo.org (smtp.gentoo.org [134.68.220.30])
	by robin.gentoo.org (8.13.3/8.13.3) with ESMTP id j2DN6BP9001549
	for <gentoo-dev@robin.gentoo.org>; Sun, 13 Mar 2005 23:06:11 GMT
Received: from adsl-67-39-48-196.dsl.milwwi.ameritech.net ([67.39.48.196] helo=freedom.wit.com)
	by smtp.gentoo.org with esmtpa (Exim 4.43)
	id 1DAc9y-0002Ir-Pd
	for gentoo-dev@robin.gentoo.org; Sun, 13 Mar 2005 23:06:10 +0000
Date: Sun, 13 Mar 2005 17:05:31 -0600
From: Brian Harring <ferringb@gentoo.org>
To: gentoo-dev@robin.gentoo.org
Subject: Re: [gentoo-dev] whitelisting the env ebuilds execute in
Message-ID: <20050313230531.GE19847@freedom.wit.com>
References: <20050313154016.GC19847@freedom.wit.com> <20050313154803.21784e10@snowdrop> <20050313160406.GD19847@freedom.wit.com> <1110752415.11273.29.camel@localhost>
Precedence: bulk
List-Post: <mailto:gentoo-dev@gentoo.org>, <mailto:gentoo-dev@robin.gentoo.org>, <mailto:gentoo-dev@lists.gentoo.org>
List-Help: <mailto:gentoo-dev+help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-dev+subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@gentoo.org
Reply-To: gentoo-dev@gentoo.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <1110752415.11273.29.camel@localhost>
User-Agent: Mutt/1.5.6i
X-Archives-Salt: e281f3d7-a6c7-4799-8cea-539d2a69418d
X-Archives-Hash: 0f6afacb9f4b93614f66c60bf2076f6a

On Sun, Mar 13, 2005 at 05:20:15PM -0500, Ned Ludd wrote:
> So it will be something like $PORTDIR/profiles/env.accept.list in which 
> all devs should be able to add to as needed vs having to file bugs and
> wait for long periods of time?
Yeah, pretty much.

Whatever y'all want it to be, I'm just getting bloody sick of seeing 200+ vars in an ebuild execution env, whenever I 
have to go digging into the guts of it.  Beyond that, it is (afaik) a good source of screwy bugs- random user vars 
screwing with things that aren't expected/accounted for.  A blacklist approach isn't sane there, too many 
possibilities.

Not sure who it was who mentioned it (marienz, was that you?), but a per-ebuild GRAB_USER_VARS would likely be sane 
also- that would be checked by the ebuild_processor, and the env var would be set.  This is post sourcing however- 
before setup phase.
~harring
--
gentoo-dev@gentoo.org mailing list