gil...@poolp.org wrote: > September 2, 2019 5:23 PM, "Martijn van Duren" > <openbsd+t...@list.imperialat.at> wrote: > > > Gilles should probably elaborate, but the way things are now is that > > system(3) is used to start the filters, allowing us to run any arbitrary > > (set of) command(s) as a filter. > > > > Since the filters now in ports are non-interactive commands I proposed > > to move them to /usr/local/libexec/smtpd, which gilles@ is a proponent > > of. This however means that all filters need to be specified by a full > > path, which is not something I would promote. > > > > Hence the proposition of this diff. > > > > I don't feel comfortable adding that path to PATH, even if we're going > to call system() right behind.
The main problem with adding it to PATH, is the transitive nature of the environment. If the first command being run does a system of something else, it will be seen again. If it runs a shell script, there it is. Easily reachable code fragments becomes available by virtue of being at the head of the path. That is improper.
