void env_filter(void) { RC_STRINGLIST *env_allow; RC_STRINGLIST *profile; RC_STRINGLIST *env_list; RC_STRING *env; char *e; size_t i = 0; /* Add the user defined list of vars */ env_allow = rc_stringlist_split(rc_conf_value("rc_env_allow"), " "); /* * If '*' is an entry in rc_env_allow, do nothing as we are to pass * through all environment variables. */ if (rc_stringlist_find(env_allow, "*")) return; profile = rc_config_load(RC_PROFILE_ENV); /* Copy the env and work from this so we can manipulate it safely */ env_list = rc_stringlist_new(); while (environ && environ[i]) { env = rc_stringlist_add(env_list, environ[i++]); e = strchr(env->value, '='); if (e) *e = '\0'; } TAILQ_FOREACH(env, env_list, entries) { /* Check the whitelist */ for (i = 0; env_whitelist[i]; i++) { if (strcmp(env_whitelist[i], env->value) == 0) break; } if (env_whitelist[i]) continue; /* Check our user defined list */ if (rc_stringlist_find(env_allow, env->value)) continue; /* OK, not allowed! */ unsetenv(env->value); } /* Now add anything missing from the profile */ TAILQ_FOREACH(env, profile, entries) { e = strchr(env->value, '='); *e = '\0'; if (!getenv(env->value)) setenv(env->value, e + 1, 1); }
void env_filter(void) { RC_STRINGLIST *env_allow; RC_STRINGLIST *profile; RC_STRINGLIST *env_list; RC_STRING *env; char *e; size_t i = 0; profile = rc_config_load(RC_PROFILE_ENV); /* Copy the env and work from this so we can manipulate it safely */ env_list = rc_stringlist_new(); while (environ && environ[i]) { env = rc_stringlist_add(env_list, environ[i++]); e = strchr(env->value, '='); if (e) *e = '\0'; } if (rc_conf_value("rc_env_allow") != "*") { /* Add the user defined list of vars */ env_allow = rc_stringlist_split(rc_conf_value("rc_env_allow"), " "); TAILQ_FOREACH(env, env_list, entries) { /* Check the whitelist */ for (i = 0; env_whitelist[i]; i++) { if (strcmp(env_whitelist[i], env->value) == 0) break; } if (env_whitelist[i]) continue; /* Check our user defined list */ if (rc_stringlist_find(env_allow, env->value)) continue; /* OK, not allowed! */ unsetenv(env->value); } }