BIND 10 #139: review: copy environment variables from bind10 to children
BIND 10 Development
do-not-reply at isc.org
Thu Apr 8 14:39:54 UTC 2010
#139: review: copy environment variables from bind10 to children
--------------------------+-------------------------------------------------
Reporter: jinmei | Owner: jinmei
Type: enhancement | Status: assigned
Priority: minor | Milestone:
Component: Unclassified | Resolution:
Keywords: | Sensitive: 0
--------------------------+-------------------------------------------------
Changes (by shane):
* owner: shane => jinmei
* status: new => assigned
Comment:
The intention was to run children with only environment variables that we
set. This is in keeping with practice of things like cron. My thinking was
that various types of attack are perhaps possible by running with a bogus
environment - like setting strange LD_LIBRARY_PATH. ;)
However, I think we need to look at the BIND 10 security model in greater
depth. Probably something to discuss in person and make an actual
deliverable. So, rather than making the software harder for us to use for
a poorly-thought-out "security" feature, go ahead and merge this change.
--
Ticket URL: <https://bind10.isc.org/ticket/139#comment:1>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list