[PATCH/cygwin] reduce number of propagated environment variables
Corinna Vinschen
vinschen at redhat.com
Sat Feb 20 09:01:47 EST 2010
On Feb 19 23:26, Roumen Petrov wrote:
> Hi Corinna,
>
> Corinna Vinschen wrote:
> >- { NL("TMP=") },
> >- { NL("TEMP=") },
> Why TMP and TEMP are in the list for removal ?
> Some open-source project may use TMP .
And it doesn't hurt if they are not set. The default is /tmp, as
usual. TMP and TEMP are also not set if you start a child process
under sshd on other systems like OpenBSD or Linux.
On the contrary, we stumbled over the disadvantage to propagate /tmp to
the child only yesterday. If TMP and TEMP are set to a directory which
only the privileged user running sshd has acess to, then the user switch
results in unusable TMP and TEMP settings. Setting TMP orTEMP or TMPDIR
should better be done in the user's profile.
> What is impact if PROCESSOR_* is removed ? Did you test as example
> with python ?
The idea in sshd was for many years not to propagate any variables from
the privileged user running sshd to the unprivileged child process.
The Cygwin version propagates a couple of variables becase they are
required to run child processes, but the idea also was to keep the
list as small as possible. The removed variables are not actually
necessary. Even ALLUSERSPROFILE is a questionable variable which I
could be convinced to sacrifice.
No, I didn't test with python. Cygwin's python should work without
these variables. You are not actually trying to tell me that python
really uses these environment variables to fetch information about the
CPU, right? The variables are not available on other systems and the
user could set them to arbitrary values. /proc/cpuinfo for instance,
which is available on Cygwin as well, is a much more reliable source of
information.
Corinna
--
Corinna Vinschen
Cygwin Project Co-Leader
Red Hat
More information about the openssh-unix-dev
mailing list