Permalink
Browse files

Choose environment values to report by whitelisting.

This should be safer than just blacklisting a few.
  • Loading branch information...
adunstan committed Sep 25, 2012
1 parent 2a29d55 commit 461db51b3b10a29503ee036971ac3c0b5e0eca65
Showing with 6 additions and 3 deletions.
  1. +6 −3 run_build.pl
View
@@ -56,9 +56,12 @@ BEGIN
$orig_env = {};
while (my ($k,$v) = each %ENV)
{
- # suppress reporting the value for a few things that might be
- # sensitive
- $orig_env->{$k} = ($k =~ /PASS|PW|SSH/ ? 'xxxxxxxx' : $v);
+ # report all the keys but only values for whitelisted settings
+ # this is to stop leaking of things like passwords
+ $orig_env->{$k} =
+ ($k =~ /^PG(?!PASSWORD)|MAKE|CC|CPP|FLAG|LIBRAR|INCLUDE/
+ ? $v
+ : 'xxxxxx');
}
}

0 comments on commit 461db51

Please sign in to comment.