author | Zac Medico <zmedico@gentoo.org> | 2007-12-07 22:21:24 +0000 |
---|---|---|
committer | Zac Medico <zmedico@gentoo.org> | 2007-12-07 22:21:24 +0000 |
commit | 224b56c64db83e444da6e2cab20b35659bcae854 (patch) | |
tree | 3678470576b7f7eb138f835c85bbead4a0a37c21 | |
parent | bbb055dfd0ecc43ee4c11b940b80d5486b32587b (diff) | |
Bug #189417 - Comment on how the whitelist and BASH_ENV are used to
prevent environment leakage.
svn path=/main/trunk/; revision=8867
-rw-r--r-- | pym/portage/__init__.py | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/pym/portage/__init__.py b/pym/portage/__init__.py
index dbbe97e3a..711355e01 100644
--- a/pym/portage/__init__.py
+++ b/pym/portage/__init__.py
@@ -860,9 +860,14 @@ class config(object):
 _environ_whitelist = []
- # Preserve backupenv values that are initialized in the config
- # constructor. Also, preserve XARGS since it is set by the
- # portage.data module.
+ # Whitelisted variables are always allowed to enter the ebuild
+ # environment. Generally, this only includes special portage
+ # variables. Ebuilds can unset variables that are not whitelisted
+ # and rely on them remaining unset for future phases, without them
+ # leaking back in from various locations (bug #189417). It's very
+ # important to set our special BASH_ENV variable in the ebuild
+ # environment in order to prevent sandbox from sourcing /etc/profile
+ # in it's bashrc (causing major leakage).
 _environ_whitelist += [ "BASH_ENV", "BUILD_PREFIX", "D", "DISTDIR", "DOC_SYMLINKS_DIR", "EBUILD_EXIT_STATUS_FILE", |
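Review bot: The new comment above `_environ_whitelist += [` says it is very important to set BASH_ENV, but it does not say where that assignment happens, so a later reader cannot tell which code upholds the guarantee against sourcing /etc/profile; add a pointer such as `# BASH_ENV itself is assigned in <location that builds the ebuild env>; keep both in sync.` with the real location filled in. The last added line has a typo: `in it's bashrc` should read `in its bashrc`. The removed comment explained why constructor-initialized backupenv values and XARGS are preserved; if those names are still in the list (it continues past the end of this hunk), that rationale is now lost and deserves one retained sentence. Because this list is an allowlist into the build environment, the comment could also state that any new entry needs the same kind of justification.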