init script should cleanup environment

Bug #890465 reported by MatthiasP
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
puppet (Ubuntu)
New
Medium
Unassigned

Bug Description

The puppet agent init script does not take any attempts to clean or sanitize the environment.

While it may not be of relevance for puppet itself (at least I haven't noticed any cases yet), it may differ for programs started under puppet.

If, for example, you just "sudo /etc/init.d/puppet start", programs run under puppet will have HOME={your_home}. "sudo -i /etc/init.d/..." leads to other results and is probably consistent with what you get when upstart takes care of starting the service.

Which variables should be present and how they should best be set is open to discussion.

Revision history for this message
Serge Hallyn (serge-hallyn) wrote :

(I"m tempted to mark this high priority as it feels like a potential security concern)

Changed in puppet (Ubuntu):
importance: Undecided → Medium
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.