On Wed, Nov 12, 2008 at 05:01:04PM -0800, Brock Pytlik wrote:
> Line 59-60, 69-70: I'd rather see us not use this construction to assign
> values. If I hadn't heard Danek mentioning this in the hall the other
> day, I'd assume that user was set to a boolean value. IMO, it's a time
> where being more verbose would make the code more accessible and
> maintainable, but maybe I'm the only one.
Perhaps a comment would suffice? Or maybe something of the form
os.getenv("USER", os.getenv("LOGNAME", os.getenv("USERNAME")))
?
Regardless, there *definitely* needs to be a comment explaining why we
trust environment variables more than we trust kernel-provided code. It's
unfortunate that The Primary Administrator profile is given uid=0 rather
than euid=0, but since it's the big hammer, I guess it has to be big
enough. Perhaps we should be using getauid() on Solaris?
Danek
_______________________________________________
pkg-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
