URL: https://github.com/freeipa/freeipa/pull/204
Title: #204: ipautil.run: Remove hardcoded environ PATH value

rcritten commented:
NACK. I'd be fine with changing the PATH to remove cruft but the primary 
purpose is to prevent an attacker from providing their own PATH with unknown 
executables. For those few places where one must control PATH then env can be 
(and is) passed in.

No ticket?

See the full comment at 
Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to