Choose environment values to report by whitelisting.

This should be safer than just blacklisting a few.
PGBuildFarm · Sep 25, 2012 · 461db51 · 461db51
1 parent 2a29d55
commit 461db51
Showing 1 changed file with 6 additions and 3 deletions.
diff --git a/run_build.pl b/run_build.pl
@@ -56,9 +56,12 @@ BEGIN
 	$orig_env = {};
 	while (my ($k,$v) = each %ENV)
 	{
-		# suppress reporting the value for a few things that might be
-		# sensitive
-		$orig_env->{$k} = ($k =~ /PASS|PW|SSH/ ? 'xxxxxxxx' : $v);
+		# report all the keys but only values for whitelisted settings
+		# this is to stop leaking of things like passwords
+		$orig_env->{$k} = 
+		  ($k =~ /^PG(?!PASSWORD)|MAKE|CC|CPP|FLAG|LIBRAR|INCLUDE/ 
+		   ? $v 
+		   : 'xxxxxx');
 	}
 }