Philip Martin <philip@codematters.co.uk> writes:
> It won't work unless or until APR is changed. I don't think it is
> sensible to invoke an editor without inheriting the environment, who
> knows what I want and/or need from my environment for my editor to
> run. Perhaps I need DISPLAY, maybe I need LD_LIBRARY_PATH, svn cannot
> guess.
>
> We still need to run a shell so that if SVN_EDITOR is set to an editor
> without a path, "ed" for example, the shell will use PATH to find the
> executable. Invoking system() on Unix will usually both run a shell
> and propogate the environment.
Thanks for the explanation; I understand the issues better now.
> The whole concept of invoking an editor via an environment variable
> means that svn has security holes, such a program should not be
> installed setuid for instance. Of course, this is not really a problem
> since svn is not intended to be secure. It may, however, explain why
> APR has no support for this feature.
I would think it's more likely that apr just hadn't gotten around to
it yet.
In any case, I guess our best course is to leave it as "system()" for
now, and file a separate issue explaining what's going on (unless
someone wants to change APR right now?).
I've filed issue #615 for this.
-K
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sat Oct 21 14:37:00 2006