[OE-core] [PATCH 0/1] Whitelist sftp
Richard Purdie
richard.purdie at linuxfoundation.org
Sat Mar 11 11:24:20 UTC 2017
On Sat, 2017-03-11 at 06:14 +0100, Peter Kjellerstedt wrote:
> I have been trying out the whitelisting of tools in $PATH, and it
> seems to work very well. However, one thing that I realized is that
> the tools used by the various fetchers need to be whitelisted. This
> patch adds sftp to HOSTTOOLS_NONFATAL as that is the only fetcher we
> use appart from git and wget, but I expect other tools such as cvs,
> svn, hg, etc need to be added as well.
For some, like subversion we actually build subversion-native so they
shouldn't be listed by default.
> Feel free to squash this commit with the "base/bitbake.conf: Filter
> contents of PATH to only allow whitelisted tools" commit.
I squashed this in along with some other minor tweaks thanks.
Richard
More information about the Openembedded-core
mailing list