native windows: control of PATH white-list

Question

native windows: control of PATH white-list

Closed this issue 7 months ago · 3 comments

Hi, currently the white-list of the PATH variable is a part of the internals of bob. Is it possible to overwrite this default white-list by the user configuration?

Answer 1 · 2023-10-08T12:06:13.000Z

You mean to not white-list %PATH% and friends? That's currently not possible. You can only add to the whitelist in default.yaml with the whitelist key.

May I ask what is the background of your question?

Answer 2 · 2023-10-21T11:55:03.000Z

Yes exactly that is what I mean. We had problems again with a broken python3.exe stored inside on of this paths in the local filesystem. I'm also not sure if you really need all the currently configured paths, so it would be nice if you can set it yourself as a user.

PS: That the broken file was tried to executed was an error in our recipes (order of Paths). However if the file had not been broken it would have been executed by misatke.

Maybe it would be a solution to tighten the current settings by default and overwrite them via a configuration option?

Answer 3 · 2023-10-22T20:09:01.000Z

Please see #535 for a possible solution. This allows to remove whitelist entries. In case of PATH you will still have to add it to every recipe as checkoutVarsWeak: [PATH] and set a sensible default in default.yaml because I guess almost nothing will work if PATH is unset.

Let me know if this works for you...