|
From: | Vladimir 'φ-coder/phcoder' Serbinenko |
Subject: | Re: [PATCH v2 2/5] load_env support for whitelisting which variables are read from an env file, even if check_signatures=enforce |
Date: | Thu, 19 Sep 2013 09:18:55 +0200 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130821 Icedove/17.0.8 |
On 07.09.2013 11:33, Andrey Borzenkov wrote: > So just use another environment block for untrusted variables, that's > all. I do not see why any change in sources is required. Trouble is that right now we unconditionally load all variables from block, whether trusted or not. So by modifying untrusted but loaded block you can override core variables i.a. check_signatures. That's why some ability to filter is required.
signature.asc
Description: OpenPGP digital signature
[Prev in Thread] | Current Thread | [Next in Thread] |