From c92be49041a7b56f651a93e71e15e94bc8727489 Mon Sep 17 00:00:00 2001
From: Roy Marples <roy@marples.name>
Date: Sat, 5 Jan 2008 20:43:08 +0000
Subject: Move the env whitelists to an rc var and build in the system
 whitelist.

---
 src/env_whitelist | 48 ------------------------------------------
 src/rc/rc-misc.c  | 63 +++++++++++++++++++++++++++++++++++++++++++------------
 2 files changed, 50 insertions(+), 61 deletions(-)
 delete mode 100644 src/env_whitelist

(limited to 'src')

diff --git a/src/env_whitelist b/src/env_whitelist
deleted file mode 100644
index ca21935b..00000000
--- a/src/env_whitelist
+++ /dev/null
@@ -1,48 +0,0 @@
-# System environment whitelist for rc-system
-# See /etc/conf.d/env_whitelist for details.
-
-#
-# Internal variables needed for operation of rc-system
-# NB: Do not modify below this line if you do not know what you are doing!!
-#
-
-# Hotplug
-IN_HOTPLUG
-
-# RC network script support
-IN_BACKGROUND
-RC_INTERFACE_KEEP_CONFIG
-
-# Default shell stuff
-PATH
-SHELL
-USER
-HOME
-TERM
-
-# Language variables
-LANG
-LC_CTYPE
-LC_NUMERIC
-LC_TIME
-LC_COLLATE
-LC_MONETARY
-LC_MESSAGES
-LC_PAPER
-LC_NAME
-LC_ADDRESS
-LC_TELEPHONE
-LC_MEASUREMENT
-LC_IDENTIFICATION
-LC_ALL
-
-# From /sbin/init
-INIT_HALT
-INIT_VERSION
-RUNLEVEL
-PREVLEVEL
-CONSOLE
-
-# Allow this through too so we can prefer stuff in /lib when shutting down
-# or going to single mode.
-LD_LIBRARY_PATH
diff --git a/src/rc/rc-misc.c b/src/rc/rc-misc.c
index 0d8b8c1f..aacd6fea 100644
--- a/src/rc/rc-misc.c
+++ b/src/rc/rc-misc.c
@@ -44,8 +44,8 @@
 #include <string.h>
 
 #include "rc.h"
-#include "rc-misc.h"
-#include "strlist.h"
+#include "../rc-misc.h"
+#include "../strlist.h"
 
 #define PROFILE_ENV     "/etc/profile.env"
 #define SYS_WHITELIST   RC_LIBDIR "/conf.d/env_whitelist"
@@ -113,17 +113,54 @@ char **env_filter (void)
 	char *p;
 	int pplen = strlen (PATH_PREFIX);
 
-	whitelist = rc_config_list (SYS_WHITELIST);
-	if (! whitelist)
-		fprintf (stderr, "system environment whitelist (" SYS_WHITELIST ") missing\n");
-
-	env = rc_config_list (USR_WHITELIST);
-	rc_strlist_join (&whitelist, env);
-	rc_strlist_free (env);
-	env = NULL;
-
-	if (! whitelist)
-		return (NULL);
+	/* Init a system whitelist, start with shell vars we need */
+	rc_strlist_add (&whitelist, "PATH");
+	rc_strlist_add (&whitelist, "SHELL");
+	rc_strlist_add (&whitelist, "USER");
+	rc_strlist_add (&whitelist, "HOME");
+	rc_strlist_add (&whitelist, "TERM");
+
+	/* Add Language vars */
+	rc_strlist_add (&whitelist, "LANG");
+	rc_strlist_add (&whitelist, "LC_CTYPE");
+	rc_strlist_add (&whitelist, "LC_NUMERIC");
+	rc_strlist_add (&whitelist, "LC_TIME");
+	rc_strlist_add (&whitelist, "LC_COLLATE");
+	rc_strlist_add (&whitelist, "LC_MONETARY");
+	rc_strlist_add (&whitelist, "LC_MESSAGES");
+	rc_strlist_add (&whitelist, "LC_PAPER");
+	rc_strlist_add (&whitelist, "LC_NAME");
+	rc_strlist_add (&whitelist, "LC_ADDRESS");
+	rc_strlist_add (&whitelist, "LC_TELEPHONE");
+	rc_strlist_add (&whitelist, "LC_MEASUREMENT");
+	rc_strlist_add (&whitelist, "LC_IDENTIFICATION");
+	rc_strlist_add (&whitelist, "LC_ALL");
+
+	/* Allow rc to override library path */
+	rc_strlist_add (&whitelist, "LD_LIBRARY_PATH");
+
+	/* We need to know sysvinit stuff - we emulate this for BSD too */
+	rc_strlist_add (&whitelist, "INIT_HALT");
+	rc_strlist_add (&whitelist, "INIT_VERSION");
+	rc_strlist_add (&whitelist, "RUNLEVEL");
+	rc_strlist_add (&whitelist, "PREVLEVEL");
+	rc_strlist_add (&whitelist, "CONSOLE");
+
+	/* Hotplug and daemon vars */
+	rc_strlist_add (&whitelist, "IN_HOTPLUG");
+	rc_strlist_add (&whitelist, "IN_BACKGROUND");
+	rc_strlist_add (&whitelist, "RC_INTERFACE_KEEP_CONFIG");
+
+	/* Add the user defined list of vars */
+	e = env_name = xstrdup (rc_conf_value ("rc_env_allow"));
+	while ((token = strsep (&e, " "))) {
+		if (token[0] == '*') {
+			free (env_name);
+			return (NULL);
+		}
+		rc_strlist_add (&whitelist, token);
+	}
+	free (env_name);
 
 	if (exists (PROFILE_ENV))
 		profile = rc_config_load (PROFILE_ENV);
-- 
cgit v1.2.3