commit: d5370bc17d73a62f1a3f1bc09b4c7847da507317
Author: Georgy Yakovlev <gyakovlev <AT> gentoo <DOT> org>
AuthorDate: Sun Aug 30 21:08:22 2020 +0000
Commit: Georgy Yakovlev <gyakovlev <AT> gentoo <DOT> org>
CommitDate: Sun Aug 30 21:10:00 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d5370bc1
profiles/base/make.defaults: add CARGO_HOME to ENV_UNSET
Signed-off-by: Georgy Yakovlev <gyakovlev <AT> gentoo.org>
profiles/base/make.defaults | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/profiles/base/make.defaults b/profiles/base/make.defaults
index 1ac69f51ec9..ebcbbe0ad38 100644
--- a/profiles/base/make.defaults
+++ b/profiles/base/make.defaults
@@ -29,6 +29,9 @@ CONFIG_PROTECT_MASK="/etc/env.d /etc/gconf"
#
# DISPLAY and XAUTHORITY to avoid trying to access the user's X11.
#
+# CARGO_HOME may leak to build env if package is not using cargo.eclass
+# such leak will result in sandbox violations
+#
# XDG_* since the values coming from user environment can collide with
# ebuild-set ${HOME} (e.g. by referring to user's home directory).
# We exclude XDG_DATA_DIRS & XDG_CONFIG_DIRS as those are set in env.d.
@@ -40,7 +43,7 @@ CONFIG_PROTECT_MASK="/etc/env.d /etc/gconf"
# GOBIN needs to be cleaned as random values in GOBIN can affect the
# building of some packages:
#
https://archives.gentoo.org/gentoo-dev/message/163010f83ae7819d80c0cfdf797cbfe0
-ENV_UNSET="DBUS_SESSION_BUS_ADDRESS DISPLAY XAUTHORITY XDG_CACHE_HOME
XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR PERL_MM_OPT PERL5LIB PERL5OPT
PERL_MB_OPT PERL_CORE PERLPREFIX GOBIN GOPATH"
+ENV_UNSET="DBUS_SESSION_BUS_ADDRESS DISPLAY CARGO_HOME XAUTHORITY
XDG_CACHE_HOME XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR PERL_MM_OPT
PERL5LIB PERL5OPT PERL_MB_OPT PERL_CORE PERLPREFIX GOBIN GOPATH"
# Variables that are set exclusively by the profile
# and not by user configuration files.
