From owner-svn-src-all@freebsd.org Sat Oct 8 14:48:29 2016 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 80D26C05A6D for ; Sat, 8 Oct 2016 14:48:29 +0000 (UTC) (envelope-from pfg@FreeBSD.org) Received: from nm25-vm0.bullet.mail.ne1.yahoo.com (nm25-vm0.bullet.mail.ne1.yahoo.com [98.138.91.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4C94537F for ; Sat, 8 Oct 2016 14:48:29 +0000 (UTC) (envelope-from pfg@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1475938102; bh=rDWH4rs0Bp8Yo6IEwIUh2VSQQewIE1oAlTTyw2iBJtA=; h=Subject:To:References:From:Date:In-Reply-To:From:Subject; b=crtejQuWLCYsldnGwPHRU5wUfNxsxU6ww1a0/xwJk8uFemRKEhEvjcqEdanDrvYINDfNX/6oVcvpVT9ZdSQdWkTGbOET0LUQOXjhwU+nm0ltVHnMB2cFo58GCKnJtyBY/4xg1LpfiEaL66m/u9aq5UVfaGwTfQ+Bb94de1anHNowvGTxEg7/OpvWgL63n/UWH1ts34c0QoleQzLCHiGkZ93lZWRRCkPZjbnIMmum2NVSHKJ+lW4vs8CBK8OiNd8SMGjVc0pv0TpJhR3Qn01om6LcUFeyaSPes4tQeyhAG6mg1RVtvusFNLBd648zmV4LikGwlyCYIP+77Qv8lwncyA== Received: from [98.138.101.130] by nm25.bullet.mail.ne1.yahoo.com with NNFMP; 08 Oct 2016 14:48:22 -0000 Received: from [98.138.84.42] by tm18.bullet.mail.ne1.yahoo.com with NNFMP; 08 Oct 2016 14:48:22 -0000 Received: from [127.0.0.1] by smtp110.mail.ne1.yahoo.com with NNFMP; 08 Oct 2016 14:48:22 -0000 X-Yahoo-Newman-Id: 745025.18361.bm@smtp110.mail.ne1.yahoo.com X-Yahoo-Newman-Property: ymail-3 X-YMail-OSG: CHNzR58VM1nrNL4zDVLhzb93.WcLkWFRRTHgyR7EPOGKwdm tznglxEKV2S7e7.EqvfpCcAjZSUWzjChIoge.f.0Mqu0JAoi5zS1AIU695HF ku.HBBxGOhMjQ1pFrDd1BvM0NiQzQmqLK8v1SEXvgJ336PgFl35WWycoXbmn 6VEfZMVy3TroHscC6nocEJPlapZX2AlJ_pNCXbfZLJChJmAJaBjHWPVhMLLq 1LcizCRnW4tqbtSjSwCAgfXYuQ0ttpTUW5J626Sf4a.0LpowfG6BXDoQGATS 2Q4egtNDuKle72PebazLBx02_UE1aWkaGh9n3lWrswwpBrFxtPaePXgRl9Sw H0Txk1KfgP83VfnBj0WFNhDxifRR.6l5XpB0ntJguX7Fz5lrAYCZXyQtynqN IqoVszENqPaBMXGhl99858dMxgbXxwt1btbLL7uFlh0v9YvWMmhttVdwVUlo rrv4Au2_3mH91WIm64KE8F3Y280uphXDEhXjvNMegOumx3NdZhMRNnRd4dwB TM0yzxdVuM3Vdn2CFo8WnYIj6XMNiehUtZOi6.77GYIKfiJg- X-Yahoo-SMTP: xcjD0guswBAZaPPIbxpWwLcp9Unf Subject: Re: svn commit: r306843 - in head/bin/sh: . tests/parameters To: Jilles Tjoelker , src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org, Joerg Schilling References: <201610081340.u98DeDxj088061@repo.freebsd.org> From: Pedro Giffuni Message-ID: <19bde483-d3d1-4e81-b56d-7692bb2e984f@FreeBSD.org> Date: Sat, 8 Oct 2016 09:48:23 -0500 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0 MIME-Version: 1.0 In-Reply-To: <201610081340.u98DeDxj088061@repo.freebsd.org> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Oct 2016 14:48:29 -0000 On 10/08/16 08:40, Jilles Tjoelker wrote: > Author: jilles > Date: Sat Oct 8 13:40:12 2016 > New Revision: 306843 > URL: https://svnweb.freebsd.org/changeset/base/306843 > > Log: > sh: Do not import IFS's value from the environment. > > Per Austin group issue #884, always set IFS to $' \t\n'. As before, IFS will > be exported iff it was in the environment. > > Most shells (e.g. bash, ksh93 and mksh) already did this. This change > improves predictability, in that scripts can simply rely on the default > value. > > However, the effect on security is little, since applications should not be > calling the shell with attacker-controlled environment variable names in the > first place and other security-sensitive variables such as PATH should be > and are imported by the shell. > > When using a new sh with an old (before 10.2) libc wordexp(), IFS is no > longer passed on. Otherwise, wordexp() continues to pass along IFS from the > environment per its documentation. > > Discussed with: pfg > Relnotes: yes > For the record, the idea was suggested originally by Joerg Schilling. Thanks! Pedro.