https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=235185

--- Comment #34 from Rodney W. Grimes <rgri...@freebsd.org> ---
<Rant Warning ON>
First off, someone teach bugzilla that top posting this input box is just a
royal pain in the ass when you're trying to reply to earlier posts; this whole
input box belongs at the BOTTOM of the page.
</Rant>

(In reply to Jilles Tjoelker from comment #31)
I support the idea that we may not want to take this to the extreme of a
sanitizer; however, I cannot say that directly invoking /path/rc.d/foo is an
incorrect operation, as that existed far longer than services(8).

(In reply to Devin Teske from comment #32)
Having services(8) be different than directly invoked scripts can be considered
a) a feature (it allows me to force feed ENV stuff), b) a bug, because it can cause
evil leaks, or c) a POLA violation, because why should they be different.

Presently I believe we are in the a) state of affairs, and without additional
input we may wish to stay that way as changing it may cause a POLA issue.

(In reply to vas from comment #33)
I agree with you on the point that invoking rc.d scripts directly is NOT
incorrect procedure; see above at reply to #31.

In summary my current position:
I am actually starting to come to the opinion that possibly the only action
that we should take AT THIS TIME is to place an env -i in the rc/fcigwrap
script to revoke its bad programming style of environment exposure to a cgi.
And to take this idea of a general sanitizer to the next level == a...@freebsd.org
