cvs commit: src/etc rc.subr

[Yar Tikhiy]

On Sun, Dec 31, 2006 at 11:04:11AM -0600, Mike Pritchard wrote:
> On Sun, Dec 31, 2006 at 11:07:29AM +0000, Yar Tikhiy wrote:
> > yar         2006-12-31 11:07:29 UTC
> > 
> >   FreeBSD src repository
> > 
> >   Modified files:
> >     etc                  rc.subr 
> >   Log:
> >   Allow for /usr/bin/env when parsing the shebang line from an
> >   interpreted $command.  Some "portable" sofware packages use such a
> >   line to skip the task of figuring out the absolute pathname of the
> >   interpreter at install time, e.g.:
> >   
> >           #!/usr/bin/env python
> >   
> >   It is insecure, but a popular book on Python seems to have advised
> >   it to a wide audience.  Hence a number of such scripts in the ports,
> >   mostly written in Python.
> 
> If its insecure, than why allow it?  If the ports need a patch to make it
> secure, then they should be patched.  
> 
> I don't like seeing something from rc.subr with a comment about it
> being less secure....

Then feel free to patch src/sys/kern/imgact_shell.c for it is the
root of the evil, and face a torrent of complaints.  OTOH rc.subr's
_find_processes() deals with a different side of the issue that has
no security implications because the insecure script is supposed
to be already running.  My commit message just explained why we
have to pay attention to the case at all in rc.subr.  It was my
fault that I didn't realise some folks would be totally caught by
the flypaper word "security."

-- 
Yar