# HG changeset patch # User Rob Landley # Date 1280118358 18000 # Node ID 886a2ea90bc198826784f70dff579c84135623de # Parent 5061606337d0a6e62e877bd4f218e0f00ecf5794 Add sanitize_environment to unset unrecognized environment variables. diff -r 5061606337d0 -r 886a2ea90bc1 config --- a/config Sun Jul 25 14:29:01 2010 -0500 +++ b/config Sun Jul 25 23:25:58 2010 -0500 @@ -82,6 +82,10 @@ # export PREFERRED_MIRROR=http://impactlinux.com/fml/mirror +# Set this if you don't want to drop all unrecognized environment variables. + +# NO_SANITIZE_ENVIRONMENT=1 + # If set, the toybox utilities will take precedence over busybox ones. # (Probably obsolete.) diff -r 5061606337d0 -r 886a2ea90bc1 sources/include.sh --- a/sources/include.sh Sun Jul 25 14:29:01 2010 -0500 +++ b/sources/include.sh Sun Jul 25 23:25:58 2010 -0500 @@ -11,7 +11,7 @@ # Avoid trouble from unexpected environment settings -unset CROSS_COMPILE ARCH CDPATH +[ -z "$NO_SANITIZE_ENVIRONMENT" ] && sanitize_environment # List of fallback mirrors to download package source from diff -r 5061606337d0 -r 886a2ea90bc1 sources/utility_functions.sh --- a/sources/utility_functions.sh Sun Jul 25 14:29:01 2010 -0500 +++ b/sources/utility_functions.sh Sun Jul 25 23:25:58 2010 -0500 @@ -2,6 +2,34 @@ # This file contains generic functions, presumably reusable in other contexts. +# Unset all environment variables that we don't know about, in case some crazy +# person already exported $CROSS_COMPILE, $ARCH, $CDPATH, or who knows what +# else. It's hard to know what might drive some package crazy, so use a +# whitelist. + +sanitize_environment() +{ + # Which variables are set in config? + + TEMP=$(echo $(sed -n 's/.*export[ \t]*\([^=]*\).*/\1/p' config) | sed 's/ /,/g') + + # What other variables should we keep? + + TEMP="$TEMP,LANG,PATH,TOPSHELL,START_TIME" + TEMP="$TEMP,SHELL,TERM,USER,USERNAME,LOGNAME,PWD,EDITOR,HOME,DISPLAY,_" + + # Unset any variable we don't recognize. It can screw up the build. + + for i in $(env | sed 's/=.*//') + do + is_in_list $i "$TEMP" && continue + [ "${i:0:7}" == "DISTCC_" ] && continue + [ "${i:0:7}" == "CCACHE_" ] && continue + + unset $i + done +} + # Assign (export) a variable only if current value is blank export_if_blank()