commit: ad499b1f906472967881350c51e4571d833aeb79
Author: Kerin Millar <kfm <AT> plushkava <DOT> net>
AuthorDate: Fri Jul 18 04:42:42 2025 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Tue Jul 22 22:29:34 2025 +0000
URL: https://gitweb.gentoo.org/proj/portage.git/commit/?id=ad499b1f
save-ebuild-env.sh: filter out a subset of variables with the XDG_ prefix
Have the __save_ebuild_env() function filter out the 'XDG_VTNR'
variable, in addition to all variables bearing the following prefixes.
- XDG_CONFIG_
- XDG_CURRENT_
- XDG_DATA_
- XDG_MENU_
- XDG_RUNTIME_
- XDG_SEAT_
- XDG_SESSION_
With this change, I was able to observe a marked improvement in
"environment.bz2" hygiene for scenarios in which the effective UID is
elevated to 0 (root) without simulating a full login. In particular, all
of the following variables are now excluded.
- XDG_CONFIG_DIRS
- XDG_CURRENT_DESKTOP
- XDG_DATA_DIRS
- XDG_MENU_PREFIX
- XDG_RUNTIME_DIR
- XDG_SEAT
- XDG_SEAT_PATH
- XDG_SESSION_CLASS
- XDG_SESSION_DESKTOP
- XDG_SESSION_ID
- XDG_SESSION_PATH
- XDG_SESSION_TYPE
- XDG_VTNR
Some of these variables moderately impact upon the privacy of the user
and portage has no business dumping them into world-readable files
beneath the "/var/db/pkg" directory, nor in incorporating them into
binary packages. The 'XDG_DATA_DIRS' variable is notable among these,
for it may remain set even when simulating a full login e.g. by running
su(1) with the -l option.
The reason for being selective with the prefixes is that the "xdg"
eclass conflicts with the "XDG_" namespace by declaring several
variables bearing the "XDG_ECLASS_" prefix; none of which are
environment variables, mind. I have not yet ascertained that those are
safe to exclude and am therefore erring on the side of caution.
Finally, it should be noted that the 'XDG_CONFIG_HOME', 'XDG_DATA_HOME',
'XDG_STATE_HOME' and 'XDG_RUNTIME_DIR' variables were already being
excluded for EAPI 7 and 8, owing to the definition of 'ENV_UNSET' in the
base profile.
Signed-off-by: Kerin Millar <kfm <AT> plushkava.net>
Signed-off-by: Sam James <sam <AT> gentoo.org>
bin/save-ebuild-env.sh | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/bin/save-ebuild-env.sh b/bin/save-ebuild-env.sh
index 71c4c2e672..1590d28b1c 100644
--- a/bin/save-ebuild-env.sh
+++ b/bin/save-ebuild-env.sh
@@ -48,8 +48,10 @@ __save_ebuild_env() (
ftp_proxy https_proxy http_proxy no_proxy
# other variables inherited from the calling environment
- "${!SSH_@}" CVS_RSH ECHANGELOG_USER GPG_AGENT_INFO STY WINDOW
- XAUTHORITY
+ "${!SSH_@}" "${!XDG_CURRENT_@}" "${!XDG_RUNTIME_@}"
+ "${!XDG_SESSION_@}" "${!XDG_CONFIG_@}" "${!XDG_DATA_@}"
+ "${!XDG_MENU_@}" "${!XDG_SEAT_@}" CVS_RSH ECHANGELOG_USER
+ GPG_AGENT_INFO STY WINDOW XAUTHORITY XDG_VTNR
# portage config variables and variables set directly by portage
ACCEPT_LICENSE BUILD_PREFIX COLS DOC_SYMLINKS_DIR DISTDIR
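Review bot: XDG_SEAT itself does not appear to be covered by the added words. "${!XDG_SEAT_@}" expands only to names that begin with XDG_SEAT_ (so XDG_SEAT_PATH), and, unlike XDG_VTNR, the bare name XDG_SEAT is not added to the list, yet the commit message counts it among the variables now excluded. Unless it is already unset somewhere outside this hunk, add XDG_SEAT by name next to XDG_VTNR. A one-line comment above these prefix expansions, stating that a blanket "${!XDG_@}" is avoided because of the XDG_ECLASS_ variables declared by the xdg eclass, would also keep a later cleanup from collapsing the seven prefixes into one.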