From: Zac Medico <zmedico@gentoo.org>
Date: Sun, 12 Oct 2008 21:01:12 +0000 (-0000)
Subject: Add an explicit note about bug #239560 in the relevant code.
X-Git-Tag: v2.2_rc13~94
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=3308efd69be3bcbfde53f65def1a0575ed498449;p=portage.git

Add an explicit note about bug #239560 in the relevant code.

svn path=/main/trunk/; revision=11684
---

diff --git a/bin/ebuild.sh b/bin/ebuild.sh
index 92b635c3a..35b940bfb 100755
--- a/bin/ebuild.sh
+++ b/bin/ebuild.sh
@@ -272,7 +272,9 @@ register_die_hook() {
 	export EBUILD_DEATH_HOOKS="${EBUILD_DEATH_HOOKS} $*"
 }
 
-# Ensure that $PWD is sane whenever possible.
+# Ensure that $PWD is sane whenever possible, to protect against
+# exploitation of insecure search path for python -c in ebuilds.
+# See bug #239560.
 if ! hasq "$EBUILD_PHASE" clean depend help ; then
 	cd "$PORTAGE_BUILDDIR" || \
 		die "PORTAGE_BUILDDIR does not exist: '$PORTAGE_BUILDDIR'"