Date: Mon, 22 Aug 2005 15:58:53 -0500
From: Brian Harring
To: gentoo-portage-dev@lists.gentoo.org
Subject: Re: [gentoo-portage-dev] Re: Environment Whitelisting
Message-ID: <20050822205853.GT10816@nightcrawler>
In-Reply-To: <430A265D.8090907@gmail.com>

On Mon, Aug 22, 2005 at 12:24:13PM -0700, Zac Medico wrote:
> warnera6 wrote:
> >>>My preference would go 4, 3, 2 then 1. While Makefiles and configure
> >>>scripts may be "broken" upstream, how long is it before the breakage
> >>>goes unnoticed? More importantly, what's the chances of a dev finding
> >>>the breakage before users? Cleansing the environment to me is akin to
> >>>using sandbox. It offers protection against misbehaving packages...
> >>>
> >>
> >>Good point. How about if we add environment sandboxing support (in
> >>addition to filesystem sandboxing) to sandbox. With an environment
> >>sandbox, we could detect specifically which variables a build is
> >>fragile with regard to. The sandbox would have both filesystem access
> >>and environment access violation summaries.
> >
> >"environmental sandbox" being similar to sandbox, or the cleansing of
> >the environment? The latter is easy, the former...I am not sure how you
> >begin to detect variable use in bash :/
> >
>
> AFAIK we can intercept getenv() calls the same way that we intercept
> filesystem calls. IMO the white/black/override lists would best be
> implemented at this level.

Don't think this is the appropriate method, imo- remember sandbox
doesn't exist on bsd, so the solution wouldn't be across the board
(resulting in ebuild devs inventing their own that is when required).

Better approach is abusing the env-filtering capabilities written into
2.1 already- it wouldn't require much to slip it into
ebuild_processor.
~harring
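Added example, not part of the original message and not Portage's code: a sketch of the parent-side environment filtering favoured in the reply above, applying white/black/override lists before the build process is spawned, so no getenv() interception is needed. The list contents and the names filter_env, run_build and SAMPLE_ENV are hypothetical.

```python
import fnmatch
import subprocess
import sys

# Hypothetical policy lists (constructed for this example, not Portage's own).
WHITELIST = ["PATH", "HOME", "LANG", "LC_*", "CFLAGS", "CXXFLAGS", "LDFLAGS"]
BLACKLIST = ["LD_PRELOAD", "LD_LIBRARY_PATH", "GREP_OPTIONS", "CDPATH"]
OVERRIDE = {"LC_ALL": "C", "TERM": "dumb"}

# Constructed sample environment standing in for a user's shell.
SAMPLE_ENV = {
    "PATH": "/usr/bin:/bin", "CFLAGS": "-O2", "LC_CTYPE": "en_US.UTF-8",
    "LD_PRELOAD": "/tmp/x.so", "GREP_OPTIONS": "--color=always",
    "MY_SECRET": "example-token",
}


def _matches(name, patterns):
    # Case-sensitive glob match, so "LC_*" covers LC_CTYPE, LC_ALL, ...
    return any(fnmatch.fnmatchcase(name, p) for p in patterns)


def filter_env(env, whitelist=WHITELIST, blacklist=BLACKLIST, override=OVERRIDE):
    """Return (clean_env, dropped_names).

    A variable survives only if it is whitelisted and not blacklisted;
    override values are applied last and replace anything inherited.
    """
    clean, dropped = {}, []
    for name, value in env.items():
        if _matches(name, whitelist) and not _matches(name, blacklist):
            clean[name] = value
        else:
            dropped.append(name)
    clean.update(override)
    return clean, sorted(dropped)


def run_build(argv, env):
    """Run one build step that can see only the filtered environment."""
    clean, dropped = filter_env(env)
    proc = subprocess.run(argv, env=clean, capture_output=True, text=True)
    return proc.returncode, proc.stdout, dropped


if __name__ == "__main__":
    child = [sys.executable, "-c", "import os; print(sorted(os.environ))"]
    code, out, dropped = run_build(child, SAMPLE_ENV)
    print("child sees:", out.strip())
    print("dropped before spawn:", dropped)
```

The dropped list records what the parent removed, not what the build tried to read; reporting actual variable reads would need the getenv() interception discussed in the quoted text.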