_\be_\bn_\bv_\b__\bc_\bh_\be_\bc_\bk and _\be_\bn_\bv_\b__\bk_\be_\be_\bp options. This is effectively a whitelist for
environment variables. Environment variables with a value beginning with
() are removed unless both the name and value parts are matched by
- _\be_\bn_\bv_\b__\bk_\be_\be_\bp or _\be_\bn_\bv_\b__\bc_\bh_\be_\bc_\bk, as they will be interpreted as fuctions by older
+ _\be_\bn_\bv_\b__\bk_\be_\be_\bp or _\be_\bn_\bv_\b__\bc_\bh_\be_\bc_\bk, as they will be interpreted as functions by older
versions of the b\bba\bas\bsh\bh shell. Prior to version 1.8.11, such variables were
always removed.
variable's value does not contain any `%' or `/'
characters. This can be used to guard against printf-
style format vulnerabilities in poorly-written
- programs. The TZ variable is considerd unsafe if any
+ programs. The TZ variable is considered unsafe if any
of the following are true:
+\b+\bo\bo It consists of a fully-qualified path name that
\fIenv_keep\fR
or
\fIenv_check\fR,
-as they will be interpreted as fuctions by older versions of the
+as they will be interpreted as functions by older versions of the
\fBbash\fR
shell.
Prior to version 1.8.11, such variables were always removed.
in poorly-written programs.
The
\fRTZ\fR
-variable is considerd unsafe if any of the following are true:
+variable is considered unsafe if any of the following are true:
.PP
.RS 18n
.PD 0
.Em env_keep
or
.Em env_check ,
-as they will be interpreted as fuctions by older versions of the
+as they will be interpreted as functions by older versions of the
.Sy bash
shell.
Prior to version 1.8.11, such variables were always removed.
in poorly-written programs.
The
.Li TZ
-variable is considerd unsafe if any of the following are true:
+variable is considered unsafe if any of the following are true:
.Bl -bullet
.It
It consists of a fully-qualified path name that does not match
projects / sudo / commitdiff