Hi Daniel, On Tue, 2022-08-02 at 13:36 -0700, Daniel Thornburgh via Elfutils-devel wrote: > So, I put together a design with this approach, and it passed a security > review, so the approach broadly seems to work for us. > > It came up in review that it'd be considerably more usable to have the > environment variable point to a file: DEBUGINFOD_HEADERS_FILE=<file>. This > would avoid storing credentials in environment variables, and it would > allow you to set up the path to the header file in your shell config at the > beginning of a session. > > Would this work for libdebuginfod? We'd also want to standardize on the > format of such a file; probably a newline-separated list of headers in the > format accepted by debuginfod_add_http_header()?
I wonder if we should generalize that for other DEBUGINFOD_envs. But instead of adding more environment variables have a debuginfod control file like we already have for cache_clean_interval, max_unused_age and cache_miss. So as an alternative to setting any of the DEBUGINFOD_frob environment variables you could put an urls, cache_path, progress, verbose retry_limit, timeout, maxtime, maxsize or headers file under XDG_CONFIG_HOME (~/.config) debuginfod_client that would be used if the corresponding environment variable isn't set. The downside of course is that it would cause more file stats when creating a debuginfod_client handle, but the overhead is probably minimal especially if programs just reuse the debuginfod_client objects. Or maybe it should just be one control file that can have entries for all of the variables. Cheers, Mark
