Bug 3477 - Investigate using properties to provide build/runtime configuration values
Summary: Investigate using properties to provide build/runtime configuration values
Status: RESOLVED WONTFIX
Alias: None
Product: frysk
Classification: Unclassified
Component: general (show other bugs)
Version: unspecified
: P2 normal
Target Milestone: ---
Assignee: Unassigned
URL:
Keywords:
Depends on:
Blocks: 2235 3413
  Show dependency treegraph
 
Reported: 2006-11-07 15:53 UTC by Andrew Cagney
Modified: 2006-12-11 04:31 UTC (History)
1 user (show)

See Also:
Host:
Target:
Build:
Last reconfirmed:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Andrew Cagney 2006-11-07 15:53:13 UTC 
At present frysk.Config, and frysk.<subdir>.Build provide the build-time and
run-time information required by installed applications.  This has a number of
problems:

-> the current (bad) implementation has per-arch strings wired into .java files
(they should be in CNI files)
-> developers keep using Build variables in installed binaries

Can, instead, this information be made available through compiled in properties.
 For instance, the build tree having:
  -Dfrysk.config.pkglibexecdir=/build/tree/containing/pkglibexec
while the installed binary has:
  -Dfrysk.config.pkglibexecdir=/usr/libexec/frysk
Although I also seriously wonder about the security implications of this - does
it allow normal users to override the properties of a setuid program?
Comment 1 Andrew Cagney 2006-12-11 04:31:07 UTC 
The problem here is that properties can be overridden via environment variables
- so potentially something can be trojaned in using that.