[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#743887: ITP: direnv -- A utility to set directory specific environment variables

]] Punit Agrawal 

> On Tue, Apr 8, 2014 at 2:49 PM, Tollef Fog Heen <tfheen@err.no> wrote:
> > ]] Punit Agrawal
> >
> >> Instead of putting every environment variable in your
> >> "~/.profile", have directory-specific ".envrc" files for your
> >> AWSACCESSKEY, LIBRARY_PATH or other environment variables.
> >
> > Is there any security built into this?  It sounds like a potential
> > recipe for disaster if code gets run just by entering a directory.
> >
> 
> By default, there is a mechanism to control which .envrc files are
> run. As part of creating the directory-specific configuration, the
> user has to explicitly run 'direnv allow' for that directory and
> .envrc. The configuration file is automatically blocked if changed,
> unless edited with 'direnv edit'.

Yes, that sounds pretty reasonable to me.  Thanks for the quick answer.

-- 
Tollef Fog Heen
UNIX is user friendly, it's just picky about who its friends are
Reply to: