On Wed, 28 May 2025 18:19:20 +0300
"Vladimir 'phcoder' Serbinenko" wrote:
> I'm unsure about exporting all random parameters to env namespace.
> PHP went down this road and result was bunch of bad vulnerabilities.
> Maybe instead of blindly exporting it have some kind of export or
> query command
I'm unsure about exporting all random parameters to env namespace. PHP went
down this road and result was bunch of bad vulnerabilities. Maybe instead
of blindly exporting it have some kind of export or query command? Or at
least add some prefix to exported vars to identify them as such?
Regards
Vl
The purpose of this patch is to allow the Xen hypervisor to pass extra
data to GRUB in the form of a kernel command line, allowing the host to
customize the boot process of the guest. The command line from Xen is
parsed, and any variables within that start with the string
`xen_grub_env_` are expose
Sending this for preliminary review, this was originally developed downstream
for the Qubes OS project and I was requested to send the patch upstream. This
has been tested pretty well on Qubes OS R4.3, I haven't tested it in a more
"vanilla" environment yet as I cannot for the life of me get GRUB f