From 224b56c64db83e444da6e2cab20b35659bcae854 Mon Sep 17 00:00:00 2001
From: Zac Medico <zmedico@gentoo.org>
Date: Fri, 7 Dec 2007 22:21:24 +0000
Subject: Bug #189417 - Comment on how the whitelist and BASH_ENV are used to
 prevent environment leakage.

svn path=/main/trunk/; revision=8867
---
 pym/portage/__init__.py | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

(limited to 'pym')

diff --git a/pym/portage/__init__.py b/pym/portage/__init__.py
index dbbe97e3a..711355e01 100644
--- a/pym/portage/__init__.py
+++ b/pym/portage/__init__.py
@@ -860,9 +860,14 @@ class config(object):
 
 	_environ_whitelist = []
 
-	# Preserve backupenv values that are initialized in the config
-	# constructor. Also, preserve XARGS since it is set by the
-	# portage.data module.
+	# Whitelisted variables are always allowed to enter the ebuild
+	# environment. Generally, this only includes special portage
+	# variables. Ebuilds can unset variables that are not whitelisted
+	# and rely on them remaining unset for future phases, without them
+	# leaking back in from various locations (bug #189417). It's very
+	# important to set our special BASH_ENV variable in the ebuild
+	# environment in order to prevent sandbox from sourcing /etc/profile
+	# in it's bashrc (causing major leakage).
 	_environ_whitelist += [
 		"BASH_ENV", "BUILD_PREFIX", "D",
 		"DISTDIR", "DOC_SYMLINKS_DIR", "EBUILD_EXIT_STATUS_FILE",
-- 
cgit v1.2.3-1-g7c22