https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=235792
--- Comment #2 from [email protected] --- (In reply to Bob Bishop from comment #1) There's more to security than blowing away the environment everywhere; it's also important to allow necessary settings to be made in a centralized and trusted place. Back in the day (I've been using Unix in one form or another for 30+ years and admining it for 25+, I'm not new at this) when environment variables were things you set in commands in your .profile, it was reasonable for cron to ignore that and start from scratch. But the existence of login.conf changes that logic. My argument is that the POLA violation goes the other way: that any time that values in login.conf are *not* respected is surprising. -- You are receiving this mail because: You are the assignee for the bug. _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "[email protected]"
