From owner-cvs-all@FreeBSD.ORG Fri Jan 5 11:04:31 2007 Return-Path: X-Original-To: cvs-all@FreeBSD.org Delivered-To: cvs-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 5083316A403; Fri, 5 Jan 2007 11:04:31 +0000 (UTC) (envelope-from yar@comp.chem.msu.su) Received: from comp.chem.msu.su (comp.chem.msu.su [158.250.32.97]) by mx1.freebsd.org (Postfix) with ESMTP id 8BA8D13C428; Fri, 5 Jan 2007 11:04:29 +0000 (UTC) (envelope-from yar@comp.chem.msu.su) Received: from comp.chem.msu.su (localhost [127.0.0.1]) by comp.chem.msu.su (8.13.4/8.13.3) with ESMTP id l05AW9pp069076; Fri, 5 Jan 2007 13:32:09 +0300 (MSK) (envelope-from yar@comp.chem.msu.su) Received: (from yar@localhost) by comp.chem.msu.su (8.13.4/8.13.3/Submit) id l05AW304069066; Fri, 5 Jan 2007 13:32:03 +0300 (MSK) (envelope-from yar) Date: Fri, 5 Jan 2007 13:32:03 +0300 From: Yar Tikhiy To: Mike Pritchard Message-ID: <20070105103203.GA68718@comp.chem.msu.su> References: <200612311107.kBVB7TrP042343@repoman.freebsd.org> <20061231170411.GA53408@mail.mppsystems.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20061231170411.GA53408@mail.mppsystems.com> User-Agent: Mutt/1.5.9i Cc: cvs-src@FreeBSD.org, src-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/etc rc.subr X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Jan 2007 11:04:31 -0000 On Sun, Dec 31, 2006 at 11:04:11AM -0600, Mike Pritchard wrote: > On Sun, Dec 31, 2006 at 11:07:29AM +0000, Yar Tikhiy wrote: > > yar 2006-12-31 11:07:29 UTC > > > > FreeBSD src repository > > > > Modified files: > > etc rc.subr > > Log: > > Allow for /usr/bin/env when parsing the shebang line from an > > interpreted $command. Some "portable" sofware packages use such a > > line to skip the task of figuring out the absolute pathname of the > > interpreter at install time, e.g.: > > > > #!/usr/bin/env python > > > > It is insecure, but a popular book on Python seems to have advised > > it to a wide audience. Hence a number of such scripts in the ports, > > mostly written in Python. > > If its insecure, than why allow it? If the ports need a patch to make it > secure, then they should be patched. > > I don't like seeing something from rc.subr with a comment about it > being less secure.... Then feel free to patch src/sys/kern/imgact_shell.c for it is the root of the evil, and face a torrent of complaints. OTOH rc.subr's _find_processes() deals with a different side of the issue that has no security implications because the insecure script is supposed to be already running. My commit message just explained why we have to pay attention to the case at all in rc.subr. It was my fault that I didn't realise some folks would be totally caught by the flypaper word "security." -- Yar