Uploaded image for project: 'Funtoo Linux'
  1. Funtoo Linux
  2. FL-6926

Portage allows environment variable pollution of builds.

Details

    • Improvement
    • Status: Work Queue
    • Normal
    • Resolution: Unresolved
    • None

    Description

      See FL-6885. In this case, XDG_CACHE_HOME, when exported, is able to enter the ebuild build environment and cause go and other compilers to fail.

      Gentoo has a workaround for this problem in the form of xdg_environment_reset, a function defined in xdg-utils.eclass.

      However, it seems more reasonable that Portage would ensure a minimal, sane environment for building packages and not allow any potentially problematic or compile-impacting environment variables to enter the build environment. This can cause a variety of problems as documented in FL-6885. If some kind of whitelisting or blacklisting currently exists for environment variables, then it doesn't appear to be sufficient.

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              drobbins drobbins
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated: