Re: su(1) --whitelist-environment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 08/14/2018 11:32 AM, Karel Zak wrote:
> On Mon, Aug 13, 2018 at 10:57:01PM +0200, Bernhard Voelker wrote:
>> Well, this might become slightly trickier with real shell or environment
>> variables wrt/ correct shell quoting:
>>
>>   $ VAR='some value'
>>   $ su -c 'env VAR="'"$VAR"'" myscript' user
> 
> Well, probably usable way for scripts, but ugly for users on command line.
> 
> All the idea behind the patch is make things more user-friendly
> 
>     su -w GREP_COLOR,COLORFGBG - kzak
> 
> seems better than assume -c 'env VAR ..."

+1 your point. ;-)

A difference is that  -c 'env VAR ..." works also with shell variables
while -w filters exported variables only.  I think this not a big deal.

Regarding your implementation: I suggest to warn when -w is used together
with -m, -p, --preserve-environment.  WDYT?

Have a nice day,
Berny




[Index of Archives]     [Netdev]     [Ethernet Bridging]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux Admin]     [Samba]

  Powered by Linux