On Thu, Nov 10, 2022 at 05:37:53PM +0100, Tollef Fog Heen wrote:
> I think it's more wide than that: If you change UID, you need to
> sanitise the environment. Your HOME is likely to be wrong. PATH might
> very well be pointing at directories which are not appropriate for the
> user you're changing the UID to, etc.

I don't think that this is necessarily obviously the case in general. For example, I often use "sudo -s" and *don't* want HOME reset. It depends on the purpose of taking different privileges as to what is appropriate to reset.

> I'm not sure this is libpam-tmpdir specific, but rather a bit more
> general: what are the expectations that maintainer scripts can have
> about the environment they're running in, and how do we make those
> expectations hold? This should probably then be documented in policy.

Agreed, but also, we need a specific answer for TMPDIR. We pass things into maintainer scripts because we want to change their behaviour (e.g. DEBIAN_FRONTEND). So which specific variables are required to be reset by maintainer scripts and under what circumstances?
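As an added illustration of the TMPDIR question raised above (example code, not from the thread or from libpam-tmpdir): a shell check that a script running after a UID change could apply to an inherited TMPDIR before trusting it. The acceptance rule (directory owned by the effective uid, or a sticky world-writable directory such as /tmp) and the safe_tmpdir name are assumptions for this example; GNU stat is assumed.

```sh
#!/bin/sh
# Added example, not part of the mailing-list thread.
# Decide whether an inherited TMPDIR is usable by the current effective
# user; otherwise fall back to /tmp. A per-user directory created by
# libpam-tmpdir for the *original* user is owned by that user's uid, so
# after a UID change it fails the ownership test below and is rejected.
#
# safe_tmpdir CANDIDATE EUID  -> prints the directory to use

safe_tmpdir() {
    candidate=$1
    euid=$2
    if [ -n "$candidate" ] && [ -d "$candidate" ]; then
        # Owner uid and octal mode (GNU stat; assumption for this example).
        owner=$(stat -c '%u' "$candidate" 2>/dev/null) || owner=
        mode=$(stat -c '%a' "$candidate" 2>/dev/null) || mode=
        # Rule 1: the directory belongs to the user we are running as now.
        if [ "$owner" = "$euid" ]; then
            printf '%s\n' "$candidate"
            return 0
        fi
        # Rule 2: a shared sticky, world-writable directory (mode 1777),
        # i.e. the classic /tmp, is acceptable for any uid.
        case "$mode" in
            1777) printf '%s\n' "$candidate"; return 0 ;;
        esac
    fi
    # Anything else (unset, missing, or owned by someone else and not
    # sticky/world-writable): reset to the system default.
    printf '%s\n' /tmp
    return 0
}

# Typical use at the top of a script that may run under a changed UID:
TMPDIR=$(safe_tmpdir "${TMPDIR:-}" "$(id -u)")
export TMPDIR
```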