tech-pkg archive


Re: CVS commit: pkgsrc/mk

"Matthias Scheler" <> writes:

> Module Name:  pkgsrc
> Committed By: tron
> Date:         Wed Jun  5 08:19:57 UTC 2013
> Modified Files:
>       pkgsrc/mk:
> Log Message:
> Revert change to "PKG_SETENV":

I think it's good to revert this until we have addressed most of the
issues it will cause, but I also think we should be heading for sanitization.

> 1.) It breaks the build of "www/firefox" which gets upset if "SHELL" is
>     not defined in the environment. There are probably more packages
>     with similar problems.

That sounds like a bug in www/firefox.  It absolutely should not behave
differently based on the user's shell.  So probably it needs

(But I get it that it takes time to fix these, and I agree that it not
being done yet is a good reason to revert.)

> 2.) It breaks established use cases like this one:
>       cd pkgsrc/multimedia/ffmpeg2theora
>       bmake install
>     In this case the value of "ALLOW_VULNERABLE_PACKAGES" will not be
>     passed to the build of "pkgsrc/multimedia/ffmpeg". And the build of
>     this package will fail due to known vulnerabilities.

It may be reasonable to special-case a few variables, but they should
get printed out, similar to BUILD_DEFS, to sort of guard against
unintended leakage.
Or those variables should all start with PKGSRC_

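The two proposals in the reply above (special-case a few variables and print them, or pass anything starting with PKGSRC_) can be sketched in POSIX sh as follows. This is an added example, not pkgsrc code and not from either poster; `PASS_VARS`, `passthrough_names` and `run_sanitized` are hypothetical names, and the demo values are constructed.

```shell
#!/bin/sh
# Added illustration, not pkgsrc's PKG_SETENV implementation.
# Assumption: a hypothetical allowlist of special-cased variables.
PASS_VARS="PATH HOME ALLOW_VULNERABLE_PACKAGES"

# Print the names of exported variables that survive sanitization:
# allowlisted names that are set, plus anything prefixed PKGSRC_.
# awk's ENVIRON is used so multi-line values cannot fake a NAME= line.
passthrough_names() {
    awk 'BEGIN { for (k in ENVIRON) print k }' |
    grep -E '^[A-Za-z_][A-Za-z0-9_]*$' | sort |
    while read -r name; do
        case " $PASS_VARS " in *" $name "*) echo "$name"; continue ;; esac
        case "$name" in PKGSRC_*) echo "$name" ;; esac
    done
}

# Run a command in an empty environment plus the pass-through set,
# reporting each passed name on stderr (in the spirit of BUILD_DEFS)
# so that leakage into the build is visible.
run_sanitized() {
    for name in $(passthrough_names); do
        # name was validated as an identifier above, so eval is safe here
        eval "val=\${$name}"
        echo "pass-through: $name" >&2
        set -- "$name=$val" "$@"
    done
    env -i "$@"
}

# Constructed demo: SECRET_TOKEN is dropped, and so is SHELL (the case
# that upset www/firefox); the allowlisted and PKGSRC_ variables survive.
export ALLOW_VULNERABLE_PACKAGES=yes PKGSRC_DEMO=1 SECRET_TOKEN=constructed
run_sanitized env
```
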
