author | Lennart Poettering <lennart@poettering.net> | 2024-10-14 11:55:59 +0200 |
---|---|---|
committer | Luca Boccassi <luca.boccassi@gmail.com> | 2024-10-14 13:31:37 +0200 |
commit | c9b477415a6293b74df67c8118bafb0ef8662819 (patch) | |
tree | 13da6f63dd8882f12f366f6dcc16a34a49f0c5bc /docs | |
parent | Merge pull request #34749 from yuwata/network-address-parse-broadcast (diff) | |
man: document preference for secure_getenv() in coding style
Diffstat (limited to 'docs')
-rw-r--r-- | docs/CODING_STYLE.md | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/docs/CODING_STYLE.md b/docs/CODING_STYLE.md index 82ed0a553c..48fa4b093d 100644 --- a/docs/CODING_STYLE.md +++ b/docs/CODING_STYLE.md @@ -591,6 +591,14 @@ SPDX-License-Identifier: LGPL-2.1-or-later important for objects that unprivileged users may allocate, but also matters for everything else any user may allocate. +- Please use `secure_getenv()` for all environment variable accesses, unless + it's clear that `getenv()` would be the better choice. This matters in + particular in `src/basic/` and `src/shared/` (i.e. library code that might + end up in unexpected processes), but should be followed everywhere else too + (in order to make it unproblematic to move code around). To say this clearly: + the default should be `secure_getenv()`, the exception should be regular + `getenv()`. + ## Types - Think about the types you use. If a value cannot sensibly be negative, do not |
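Review bot: The exception clause in the new bullet ("unless it's clear that `getenv()` would be the better choice") gives the reader no criterion for deciding when that is the case, and the bullet never states what `secure_getenv()` does differently. Suggest adding one clause saying that `secure_getenv()` returns NULL when the process runs in secure-execution mode (for example a setuid or setgid binary), so variables inherited from a less privileged caller are ignored, and naming at least one situation where plain `getenv()` is the intended choice. That also makes the "library code that might end up in unexpected processes" rationale concrete for someone reading the style guide without the commit history. Separately, the subject line uses the `man:` prefix while the only file touched is `docs/CODING_STYLE.md`; a `docs:` prefix would match the diffstat.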