Channel: Synchronized FFI access to POSIX environment variable functions


@bjorn3 but the main problem here is FFI use cases. A C library wrapped via an FFI binding can call fork/exec, in which case it might use the system environment, not the shadow environment.

And if it's implemented in a separate set of parallel APIs like env::remove_var_rust like @RalfJung was suggesting, and the shadow environment becomes the "default" for fork/exec, isn't that a breaking change? That means env::remove_var will no longer modify the environment passed to fork/exec, which means anyone currently relying on it to clear secrets will no longer have their secrets cleared from the environment.

IMO having a mutable shadow environment which can diverge from the system environment is going to make things a lot more confusing.
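
The divergence described in the post above, as an added example (not code from the thread or from the Rust standard library): `ShadowEnv` is a hypothetical model of the proposed shadow environment, and a spawned `env` child stands in for a C library calling fork/exec, since it inherits the system environment. The variable name `DEMO_API_TOKEN` and its value are constructed.

```rust
use std::collections::HashMap;
use std::env;
use std::ffi::{OsStr, OsString};
use std::process::Command;

/// Hypothetical shadow environment: a Rust-side copy of the variables that
/// never writes back to the process's real (system) environment.
struct ShadowEnv(HashMap<OsString, OsString>);

impl ShadowEnv {
    fn snapshot() -> Self {
        ShadowEnv(env::vars_os().collect())
    }
    fn remove_var(&mut self, key: &str) {
        self.0.remove(OsStr::new(key));
    }
    fn contains(&self, key: &str) -> bool {
        self.0.contains_key(OsStr::new(key))
    }
}

/// Stand-in for fork/exec done outside Rust's control: the child is given no
/// explicit environment, so it inherits the system one. Returns its view of `key`.
fn child_sees(key: &str) -> Option<String> {
    let out = Command::new("env").output().expect("failed to spawn env");
    let prefix = format!("{key}=");
    String::from_utf8_lossy(&out.stdout)
        .lines()
        .find_map(|l| l.strip_prefix(prefix.as_str()).map(str::to_owned))
}

/// Returns (secret still in shadow?, child's view after the shadow-only
/// removal, child's view after removal from the system environment).
#[allow(unused_unsafe)] // set_var/remove_var are unsafe fns only in edition 2024
fn demo() -> (bool, Option<String>, Option<String>) {
    const KEY: &str = "DEMO_API_TOKEN"; // constructed sample secret
    unsafe { env::set_var(KEY, "s3cr3t") };
    let mut shadow = ShadowEnv::snapshot();
    shadow.remove_var(KEY); // cleared in the shadow copy only
    let leaked = child_sees(KEY); // the child still inherits the secret
    unsafe { env::remove_var(KEY) }; // today's behaviour: system environment
    (shadow.contains(KEY), leaked, child_sees(KEY))
}

fn main() {
    println!("{:?}", demo());
}
```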
