From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org)
	by nuthatch.gentoo.org with esmtp (Exim 4.43)
	id 1EAHmk-0008N8-8T
	for garchives@archives.gentoo.org; Wed, 31 Aug 2005 01:53:06 +0000
Received: from robin.gentoo.org (localhost [127.0.0.1])
	by robin.gentoo.org (8.13.4/8.13.4) with SMTP id j7V1oFUF001946;
	Wed, 31 Aug 2005 01:50:15 GMT
Received: from smtp.gentoo.org (smtp.gentoo.org [134.68.220.30])
	by robin.gentoo.org (8.13.4/8.13.4) with ESMTP id j7V1mZUp024306
	for <gentoo-dev@lists.gentoo.org>; Wed, 31 Aug 2005 01:48:35 GMT
Received: from main.gmane.org ([80.91.229.2] helo=ciao.gmane.org)
	by smtp.gentoo.org with esmtp (Exim 4.43)
	id 1EAHkU-0000Wk-LY
	for gentoo-dev@lists.gentoo.org; Wed, 31 Aug 2005 01:50:46 +0000
Received: from list by ciao.gmane.org with local (Exim 4.43)
	id 1EAHjL-0000M0-W9
	for gentoo-dev@gentoo.org; Wed, 31 Aug 2005 03:49:36 +0200
Received: from dsl-082-082-127-049.arcor-ip.net ([82.82.127.49])
        by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
        id 1AlnuQ-0007hv-00
        for <gentoo-dev@gentoo.org>; Wed, 31 Aug 2005 03:49:35 +0200
Received: from skoehler by dsl-082-082-127-049.arcor-ip.net with local (Gmexim 0.1 (Debian))
        id 1AlnuQ-0007hv-00
        for <gentoo-dev@gentoo.org>; Wed, 31 Aug 2005 03:49:35 +0200
X-Injected-Via-Gmane: http://gmane.org/
To: gentoo-dev@lists.gentoo.org
From: =?ISO-8859-1?Q?Sven_K=F6hler?= <skoehler@upb.de>
Subject: [gentoo-dev]  Re: init.d-scripts don't see stuff from /etc/profile.env
Date:  Wed, 31 Aug 2005 03:41:25 +0200
Message-ID: <df329l$8vq$1@sea.gmane.org>
References:  <defcf0$i8a$1@sea.gmane.org> <200508251201.43416.pauldv@gentoo.org> <1125437576.13588.8.camel@uberpc.ubernet> <200508301909.51972.vapier@gentoo.org>
Precedence: bulk
List-Post: <mailto:gentoo-dev@lists.gentoo.org>
List-Help: <mailto:gentoo-dev+help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-dev+subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
Mime-Version:  1.0
Content-Type:  multipart/signed; micalg=pgp-sha1;
 protocol="application/pgp-signature";
 boundary="------------enigE56AC231EF3FA5A57C24972B"
X-Complaints-To: usenet@sea.gmane.org
X-Gmane-NNTP-Posting-Host: dsl-082-082-127-049.arcor-ip.net
User-Agent: Mozilla Thunderbird 1.0.6 (Windows/20050716)
X-Accept-Language: de-DE, de, en-us, en
In-Reply-To: <200508301909.51972.vapier@gentoo.org>
X-Enigmail-Version: 0.92.0.0
Sender: news <news@sea.gmane.org>
X-Archives-Salt: 6d4fa9c9-baa8-4e47-9512-50a6c98ee2db
X-Archives-Hash: a9cf0eb24ff5f651f04b5603a610438c

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigE56AC231EF3FA5A57C24972B
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

> init.d scripts should have a pure env given to them ... which means, they 
> should be run with `env -i` and have only whitelisted variables given to them 
> (and everything that appears in /etc/conf.d/$service /etc/conf.d/rc 
> and /etc/rc.conf) ...

Now that may be too few variables. At least the variable LANG (or
whatever the system-admin may chose to set) could be seen as a
system-wide language-setting. It could be intentional, that at least
some variables are available to the started server-processes. Especially
a system-wide language-setting would be a good idea.

After all, there's one point:
The 2 possible situations (init-script started by root-shell,
init-script started at by init-process) because of at least 2 reasons:

- less side-effects
- and of course the reason vapier mentiones:

> after all, you wouldnt want something like apache having all those vars in its 
> env because they'd show up in php script env which means available to the 
> public

--------------enigE56AC231EF3FA5A57C24972B
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Cygwin)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDFQrF7Ww7FjRBE4ARAgyLAJ9jcnRSwn0NMlipqyh5vg49T6bdLACgyKq2
ooJHShrkM4wzKcO1vgCEmdY=
=AuEz
-----END PGP SIGNATURE-----

--------------enigE56AC231EF3FA5A57C24972B--

-- 
gentoo-dev@gentoo.org mailing list