diff options
| author | Tim Schumacher <timschumi@gmx.de> | 2022-05-19 23:28:43 +0200 |
|---|---|---|
| committer | Andreas Kling <kling@serenityos.org> | 2022-05-21 18:12:07 +0200 |
| commit | 7550017f97d7892f8b7d26074046a87144f491dd (patch) | |
| tree | 4b5cd7b69598b005abd8c298f30e97c61cc3d96d /Ports | |
| parent | bdac8c53ea7f96809e70f7a74a1828c71858b43b (diff) | |
| download | serenity-7550017f97d7892f8b7d26074046a87144f491dd.zip | |
Ports: Sanitize environment before handling Ports
This keeps users from leaking their host environment variables (CFLAGS,
etc.) into Ports, and it keeps us from leaking Port-specific settings
into their dependencies.
Diffstat (limited to 'Ports')
| -rwxr-xr-x | Ports/.port_include.sh | 6 | ||||
| -rwxr-xr-x | Ports/.strip_env.sh | 8 |
2 files changed, 14 insertions, 0 deletions
diff --git a/Ports/.port_include.sh b/Ports/.port_include.sh index 31bec3dc2d..78c6d89d3b 100755 --- a/Ports/.port_include.sh +++ b/Ports/.port_include.sh @@ -2,6 +2,12 @@ set -eu SCRIPT="$(dirname "${0}")" + +if [ -z "${SERENITY_STRIPPED_ENV:-}" ]; then + exec "${SCRIPT}/.strip_env.sh" "${@}" +fi +unset SERENITY_STRIPPED_ENV + export MAKEJOBS="${MAKEJOBS:-$(nproc)}" maybe_source() { diff --git a/Ports/.strip_env.sh b/Ports/.strip_env.sh new file mode 100755 index 0000000000..54265ae791 --- /dev/null +++ b/Ports/.strip_env.sh @@ -0,0 +1,8 @@ +#!/usr/bin/env bash + +exec env -i SERENITY_STRIPPED_ENV=1 \ + MAKEJOBS="${MAKEJOBS:-}" \ + IN_SERENITY_PORT_DEV="${IN_SERENITY_PORT_DEV:-}" \ + SERENITY_ARCH="${SERENITY_ARCH:-}" \ + SERENITY_TOOLCHAIN="${SERENITY_TOOLCHAIN:-}" \ + "${@}" |