Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[v14] Prevent .tsh/environment values from overloading prior set values #34626

Merged
merged 3 commits into from Nov 16, 2023
Merged

[v14] Prevent .tsh/environment values from overloading prior set values #34626

merged 3 commits into from Nov 16, 2023

Conversation

jentfoo
Copy link
Member

@jentfoo jentfoo commented Nov 15, 2023

Backport #34277 to branch/v14

changelog: Environment values can not be overridden from the .tsh/environment file, only unique keys will be inserted into the environment.

@jentfoo
Prevent .tsh/environment values from overloading prior set values
2cb529f 
It's not possible to have duplicate environment values within an environment.  And in fact the last value in the string slice will be preserved.  Prior to this change that allows users to possibly change any environment values through the use of the `.tsh/environment` file.  This is within user level control, where other environment value sources originate from a more protected location (for example the PAM configuration).

Prior to this change that allows users to possibly change any environment passed configuration through the use of the `.tsh/environment` file.

This change makes it so that the administrative set values will be preferred, and any duplicate records will be ignored.
@jentfoo
Apply PR feedback
13e6be5
@jentfoo
Only exclude duplicate environment values sourced from .tsh/environment
3a78af1 
This change updates `SafeEnv` to be allow the caller to select if the value should be checked for duplicates.
We then leverage this to avoid this check when sourced from a trusted source.  But then exclude potential duplicates when sourced from .tsh/environment file or the local environment.
@jentfoo jentfoo self-assigned this Nov 15, 2023
@jentfoo jentfoo added this pull request to the merge queue Nov 16, 2023
Merged via the queue into branch/v14 with commit 56851b6 Nov 16, 2023
24 checks passed
@jentfoo jentfoo deleted the bot/backport-34277-branch/v14 branch November 16, 2023 09:17
This was referenced Nov 16, 2023
Merged
Merged
@BrewTestBot BrewTestBot mentioned this pull request Nov 17, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zmb3 zmb3 zmb3 approved these changes

@rosstimothy rosstimothy rosstimothy approved these changes

Assignees

@jentfoo jentfoo

Labels
backport size/md
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@jentfoo @zmb3 @rosstimothy