On Tue, 31 Jan 2017 at 11:15:32 +0100, Mathieu Malaterre wrote:
> I'd like to discuss addition of a new lintian checks for
> getenv/setenv/putenv used in shared libraries.
A massive number of libraries call getenv(). This is not something that
you can just ban. In many cases (any D-Bus implementation, anything
that uses XDG_whatever_DIRS, anything that uses PATH...) it is also
"ABI" that would lead to broken systems if removed.
A massive number of libraries also call gettext(), which has similar
issues with setlocale() as the setenv-equivalent. This is not something
that you can ban either.
The policy that the GLib/GNOME stack has chosen (and documented!) is to
say that libraries in that stack may call getenv() and gettext() freely,
but applications using those libraries are only allowed to call setenv()
or setlocale() near the beginning of main(), before a second thread
is created. This is by no means ideal, but given the constraints I
can't see anything better[1].
Functions in GLib that indirectly call setenv() or setlocale() are
documented as having the same constraints as setenv() itself.
Again, this is not ideal but is about as good as we're going to get.
S
[1] For projects that don't care about POSIX but only target GNU platforms,
having glibc put mutexes around *env(), setlocale() and gettext(), and
declare direct access to environ to be non-thread-safe, would perhaps be
enough? That solution doesn't work for GLib/GNOME in general, which
aim to be portable; but it would work for some projects.
