[PATCH 7/9] add a gpg_path value for notmuch_database_t
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Fri Jan 15 11:11:55 PST 2016
On Sun 2015-12-13 06:17:07 -0500, Tomi Ollila wrote:
> Actually now that I sent this mail it kept rolling on my mind... If anyone
> else than me (and libgpgme?) thinks that '.' should not be in search path
> we could do
fwiw, i agree that . should *not* be in the search path.
> if (getenv("PATH") == NULL) {
> path_set = true;
> setenv("PATH", "/bin:/usr/bin", 1); // XXX *BSD configurability //
> }
> else path_set = false;
>
> ... g_find_program_in_path("gpg2")
> ... g_find_program_in_path("gpg")
>
> if (path_set) {
> unsetenv("PATH");
I'm game for something like this, but i've got a queue of patches i'm
about to send that would provide a different place to make this change,
so i'm not making it now. please keep this in mind, though :)
> I also thought of examining the return value starting with ./ but
> (current or) future version of g_find_program_in_path() might
> canonicalize the returned path...
i'm not sure what this suggestion means -- do you mean checking to see
whether the returned value started with ./ ? If so, I agree that this
seems like a not very robust way to protect against this problem.
Should we maybe also be reporting this as a bug against
g_find_program_in_path ?
--dkg
More information about the notmuch
mailing list