On Monday 22 August 2005 12:52, Drake Wyrm wrote: > Alec Warner <[EMAIL PROTECTED]> wrote: > > Was talking with Brian about the build environment and how settings > > were to be passed into the build environment. > > > > Essentially three scenarios were presented. > > Snip and summary: > > 1) Pass everything > > 2) Blacklist and strip bad stuff > > 3) Whitelist good stuff; strip everything else > > > To me 1) is unacceptable and 3) is the best option. Feel free to > > shoot these down as you see fit ;) > > Option 4: Strip everything. > > Nothing is passed from the original environment; everything passed in the > environment is considered to be a "portage variable". This, I suppose, > is an extreme case of the whitelist.
Well, I'll go against the flow. ;) My preference would go 4, 3, 2 then 1. While Makefiles and configure scripts may be "broken" upstream, how long is it before the breakage goes unnoticed? More importantly, what's the chances of a dev finding the breakage before users? Cleansing the environment to me is akin to using sandbox. It offers protection against misbehaving packages... -- Jason Stubbs
pgpAomWNB8iP5.pgp
Description: PGP signature
