Why PATH=/dev/null vs export PATH=""

On Thu, Sep 7, 2017 at 3:36 AM, Michał Górny <mgo...@gentoo.org> wrote:

> On 31 August 2017 22:45:42 CEST, "Michał Górny" <mgo...@gentoo.org>
> wrote:
> >Set PATH to /dev/null when sourcing the ebuild for dependency
> >resolution in order to prevent the shell from finding external
> >commands via PATH lookup. While this does not prevent executing
> >programs via full path, it should catch the majority of accidental
> >uses.
> >
> >Closes: https://github.com/gentoo/portage/pull/199
> >
> >// Note: this can't be merged right now since we still have ebuilds
> >// calling external commands; see:
> >// https://bugs.gentoo.org/show_bug.cgi?id=629222
>
> Update: gentoo is green now
>
> >---
> > bin/ebuild.sh             | 6 +++++-
> > bin/isolated-functions.sh | 4 ++++
> > 2 files changed, 9 insertions(+), 1 deletion(-)
> >
> >diff --git a/bin/ebuild.sh b/bin/ebuild.sh
> >index c23561651..94a44d534 100755
> >--- a/bin/ebuild.sh
> >+++ b/bin/ebuild.sh
> >@@ -80,8 +80,12 @@ else
> >       done
> >       unset funcs x
> >
> >+      # prevent the shell from finding external executables
> >+      # note: we can't use empty because it implies current directory
> >+      _PORTAGE_ORIG_PATH=${PATH}
> >+      export PATH=/dev/null
> >       command_not_found_handle() {
> >-              die "Command not found while sourcing ebuild: ${*}"
> >+              die "External commands disallowed while sourcing ebuild:
> ${*}"
> >       }
> > fi
> >
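Review bot: `_PORTAGE_ORIG_PATH` is saved just before `export PATH=/dev/null`, but nothing in this hunk restores it once the source is finished, so any later code in this shell other than `die` will now trip `command_not_found_handle`; either state in the comment that this branch does nothing further after sourcing, or restore `PATH=${_PORTAGE_ORIG_PATH}` right after the source. The new die message also reads as if external commands are blocked outright, while the commit text says full-path invocations still work; one comment line saying the guard only covers PATH lookup would keep later readers from treating it as a sandbox.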
> >diff --git a/bin/isolated-functions.sh b/bin/isolated-functions.sh
> >index e320f7132..b28e44f18 100644
> >--- a/bin/isolated-functions.sh
> >+++ b/bin/isolated-functions.sh
> >@@ -121,6 +121,10 @@ __helpers_die() {
> > }
> >
> > die() {
> >+      # restore PATH since die calls basename & sed
> >+      # TODO: make it pure bash
> >+      [[ -n ${_PORTAGE_ORIG_PATH} ]] && PATH=${_PORTAGE_ORIG_PATH}
> >+
> >       set +x # tracing only produces useless noise here
> >       local IFS=$' \t\n'
> >
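Review bot: the PATH restore at the top of `die()` assigns the global PATH, so if `die` ever returns instead of terminating the shell, the lookup restriction that ebuild.sh just set up stays lifted for everything that follows; since the comment says only `basename` and `sed` need it, `local -x PATH=${_PORTAGE_ORIG_PATH}` would confine the restore to `die`, and replacing those two calls with parameter expansion (`${name##*/}` in place of basename), as the TODO already suggests, would remove the need for a restore at all.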
>
>
> --
> Best regards,
> Michał Górny (by phone)
>
>
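The subject line asks why the patch uses /dev/null rather than an empty string. The script below is an added example, not code from this thread or from Portage: it drops a constructed `probe` script into a temporary directory (it assumes `mktemp -d` and a POSIX sh) and tries to run it under each PATH value, plus the full-path case the commit message flags as still allowed.

```sh
# Build a throwaway directory containing an executable 'probe' script
# (a constructed fixture, not part of the thread) and print its path.
make_fixture() {
    fixture_dir=$(mktemp -d) || return 1
    printf '#!/bin/sh\necho probe-ran\n' > "$fixture_dir/probe"
    chmod +x "$fixture_dir/probe"
    printf '%s\n' "$fixture_dir"
}

# probe_lookup PATH_VALUE COMMAND FIXTURE_DIR
# In a subshell (so the caller's PATH is untouched), cd into the fixture,
# export PATH=PATH_VALUE and try to run COMMAND. The function's exit status
# is that of the attempt: 0 if the shell found and ran it, 127 if not found.
probe_lookup() {
    (
        cd "$3" || exit 2
        PATH=$1
        export PATH
        "$2"
    ) >/dev/null 2>&1
}

# Walk through the three cases the patch discussion cares about:
# PATH="" finds 'probe' in the current directory (exit 0),
# PATH=/dev/null makes the bare name unresolvable (exit 127),
# and a full path still runs under PATH=/dev/null (exit 0).
demo() {
    dir=$(make_fixture) || return 1
    for p in "" /dev/null; do
        status=0
        probe_lookup "$p" probe "$dir" || status=$?
        printf 'PATH="%s" bare name "probe" -> exit %s\n' "$p" "$status"
    done
    status=0
    probe_lookup /dev/null "$dir/probe" "$dir" || status=$?
    printf 'PATH="/dev/null" full path "%s/probe" -> exit %s\n' "$dir" "$status"
    rm -rf "$dir"
}

demo
```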