Re: Use $DEB_BUILD_DIR rather than parent directory?

To: Joey Hess <joeyh@debian.org>
Cc: debian-devel@lists.debian.org
Subject: Re: Use $DEB_BUILD_DIR rather than parent directory?
From: Andreas Schuldei <andreas@schuldei.org>
Date: Thu, 23 Nov 2000 08:46:56 +0100
Message-id: <[🔎] 20001123084656.B28193@sigrid.schuldei.com>
In-reply-to: <[🔎] 20001122194331.N17395@kitenet.net>; from joeyh@debian.org on Wed, Nov 22, 2000 at 07:43:31PM -0800
References: <8766li8xk0.fsf@indy.progeny.com> <20001120111022.A32756@molehole.moregruel.net> <20001120183217.C32730@cistron.nl> <87g0km7b60.fsf@indy.progeny.com> <20001122182315.I16991@cistron.nl> <[🔎] 87bsv77ok3.fsf@indy.progeny.com> <[🔎] 20001123010044.B29282@cistron.nl> <[🔎] 87snoj5xlg.fsf@indy.progeny.com> <[🔎] 20001122211625.A30438@universal-fasteners.com> <[🔎] 20001122194331.N17395@kitenet.net>

* Joey Hess (joeyh@debian.org) [001123 08:31]:
> jpenny@universal-fasteners.com wrote:
> > In fact, I think a good case can be made for dpkg/apt not honoring
> > environment variables at all (maybe LD_LIBRARY_PATH is an exception).
> > YMMV.
> 
> Please explain how, if you manage to get my shell to set an environement
> variable, you could not have just done whatver setting the environement
> variable eventually makes some program do?

I do not understand this sentence. 

> (It would also be nice if you explained how environement variables can
> be hidden.)

There was a diskussion on security-audit about this. The point is that it is
possible to have environment variables defined several times and that it is
unclear which one will be used. Only one value is shown, and the other ones
are hidden (from view). That is why it would be good practice to
clear the environment completly, or do strict checks on the variables.

However, LD_LIBRARY_PATH was one of the critical variables, because it was
possible to undermine the linking process and dynamicly link against malicious
libs. This is one of the variables to be careful about

Reply to:

References:
- Re: Use $DEB_BUILD_DIR rather than parent directory?
  - From: "Eric Gillespie, Jr." <epg@progeny.com>
- Re: Use $DEB_BUILD_DIR rather than parent directory?
  - From: Wichert Akkerman <wichert@cistron.nl>
- Re: Use $DEB_BUILD_DIR rather than parent directory?
  - From: "Eric Gillespie, Jr." <epg@progeny.com>
- Re: Use $DEB_BUILD_DIR rather than parent directory?
  - From: jpenny@universal-fasteners.com
- Re: Use $DEB_BUILD_DIR rather than parent directory?
  - From: Joey Hess <joeyh@debian.org>

Prev by Date: Re: UTF-8 locales
Next by Date: Re: Use $DEB_BUILD_DIR rather than parent directory?
Previous by thread: Re: Use $DEB_BUILD_DIR rather than parent directory?
Next by thread: Re: Use $DEB_BUILD_DIR rather than parent directory?
Index(es):
- Date
- Thread