[Bug 256233] security/doas: target user's login class gets ignored

From: <bugzilla-noreply_at_freebsd.org>
Date: Wed, 02 Jun 2021 02:45:50 UTC

--- Comment #11 from bugs.freebsd@scourger.nl ---
When doas defaults to the target user's language, you can easily preserve the
caller's language if you want to by using setenv in doas.conf. That is the way
it works with most other environment variables (like HOME, for example).
With the current patch, LANG is essentially working the other way around. All
other environment variables which are set by doas get their value from the
target user, unless specified otherwise in doas.conf (keepenv/setenv). I would
expect LANG to work in the same manner.

To give a few use-cases where you want the target user's language:
* You regularly have to work with documents/data in different languages, and
use separate accounts and doas to do so.
* You're developing (or troubleshooting) applications in other languages.
* You're using FreeBSD as a desktop, and run heavy and/or risky (security-wise)
applications as a seperate user. You want most of your desktop to use en_US,
but for some applications you prefer your native language (this might be a text
editors/word processors, mail clients, maybe a web browser). While I'll admit
I'm making this up (not the separate user accounts), I can imagine some cases
where this might make sense.
* A variation of the previous scenario. You run some software under different
accounts (as a policy), but default to using your native language. However, the
localization of certain programs is really bad, and you prefer to use a locale
based on English for those.
* Last but not least: in most cases the calling and target user will probably
use the same language anyway. If they differ, it's probably for a reason.

You are receiving this mail because:
You are the assignee for the bug.