Jeff King <peff@xxxxxxxx> writes: >> Oh, yes. I didn't mean to say we shouldn't sanitize at all, I rather >> meant to say we should sanitize to values that simply cause us to do a >> no-op in the relevant parts. That means we'd: >> >> - Unset a bunch of environment variables where we know that they >> impact Git. >> >> - Set config-related environment variables to read configuration >> from "/dev/null". >> >> This is in contrast to the more involved fix here, which would be to >> populate a temporary home directory with gitconfig files and whatnot. > > OK. I still think you'd want to set GIT_COMMITTER_NAME (to avoid gecos > dependencies). > > And I'm assuming your "a bunch of environment variables where we know > that they impact Git" includes $HOME, since we are inheriting > dependencies from sub-programs. It doesn't necessarily have to point > somewhere useful, though I wouldn't be surprised if some programs > complain if they can't write to it. I guess eventually we will come full circle and need to sanitize pretty much the same set of environments as t/test-lib.sh does?
