[Freeipa-devel] [freeipa PR#204][comment] ipautil.run: Remove hardcoded environ PATH value
rcritten
freeipa-github-notification at redhat.com
Tue Nov 1 18:39:45 UTC 2016
URL: https://github.com/freeipa/freeipa/pull/204
Title: #204: ipautil.run: Remove hardcoded environ PATH value
rcritten commented:
"""
PATH is untrustworthy because there is no knowing what is in it, or the order. It could easily have /usr/local/bin first and some rogue version of a program installed there, or it could have something in ~/bin. Calling exec() is dangerous by its very nature so we opted to be paranoid.
Your archaeology is right, this wasn't exactly documented. Perhaps it was discussed on IRC in relation to the bug but I remember talking to Simo about this.
"""
See the full comment at https://github.com/freeipa/freeipa/pull/204#issuecomment-257655506
More information about the Freeipa-devel
mailing list