cvs commit: src/etc rc.subr

Mike Pritchard mpp at mail.mppsystems.com
Sun Dec 31 09:29:33 PST 2006


On Sun, Dec 31, 2006 at 11:07:29AM +0000, Yar Tikhiy wrote:
> yar         2006-12-31 11:07:29 UTC
> 
>   FreeBSD src repository
> 
>   Modified files:
>     etc                  rc.subr 
>   Log:
>   Allow for /usr/bin/env when parsing the shebang line from an
>   interpreted $command.  Some "portable" sofware packages use such a
>   line to skip the task of figuring out the absolute pathname of the
>   interpreter at install time, e.g.:
>   
>           #!/usr/bin/env python
>   
>   It is insecure, but a popular book on Python seems to have advised
>   it to a wide audience.  Hence a number of such scripts in the ports,
>   mostly written in Python.

If its insecure, than why allow it?  If the ports need a patch to make it
secure, then they should be patched.  

I don't like seeing something from rc.subr with a comment about it
being less secure....
-- 
Mike Pritchard
mpp at FreeBSD.org or mpp at mppsystems.com
"If tyranny and oppression come to this land, it will be in the guise
of fighting a foreign enemy."  - James Madison (1787)


More information about the cvs-src mailing list