fix(users/Profpatsch/arglib): remove env var after read r/2204

arglib should remove its arguments after reading it, to prevent them from leaking to any child processes. Change-Id: Ifc107b1620b8e407bad6b3d0ad7f4728856ec2ba Reviewed-on: https://cl.tvl.fyi/c/depot/+/2501 Tested-by: BuildkiteCI Reviewed-by: Profpatsch <mail@profpatsch.de>
author: Profpatsch <mail@profpatsch.de> 2021-02-09T19·55+0100
committer: Profpatsch <mail@profpatsch.de> 2021-02-13T20·00+0000
commit: 7a4aca42ad9c512abd2b131ec0cae4c330deeacb (patch)
tree: 31f2e64287e6e82151b64052025d16f8ad467ed6 /users/Profpatsch
parent: 4d9e5d8e47e5bbf36027e244535cf0e7986add8e (diff)
1 files changed, 4 insertions, 2 deletions
diff --git a/users/Profpatsch/arglib/default.nix b/users/Profpatsch/arglib/default.nix
index 4da2e196db..b263654ac3 100644
--- a/users/Profpatsch/arglib/default.nix
+++ b/users/Profpatsch/arglib/default.nix
@@ -20,7 +20,7 @@ let
               None => std::ffi::OsStr::from_bytes("ARGLIB_NETENCODE".as_bytes()),
               Some(a) => a
           };
-          match std::env::var_os(env) {
+          let t = match std::env::var_os(env) {
               None => exec_helpers::die_user_error(prog_name, format!("could not read args, envvar {} not set", env.to_string_lossy())),
               // TODO: good error handling for the different parser errors
               Some(soup) => match netencode::parse::t_t(soup.as_bytes()) {
@@ -30,7 +30,9 @@ let
                   },
                   Err(err) => exec_helpers::die_environment_problem(prog_name, format!("arglib parsing error: {:?}", err))
               }
-          }
+          };
+          std::env::remove_var(env);
+          t
       }
     '';
   };
author	Profpatsch <mail@profpatsch.de>	2021-02-09T19·55+0100
committer	Profpatsch <mail@profpatsch.de>	2021-02-13T20·00+0000
commit	7a4aca42ad9c512abd2b131ec0cae4c330deeacb (patch)
tree	31f2e64287e6e82151b64052025d16f8ad467ed6 /users/Profpatsch
parent	4d9e5d8e47e5bbf36027e244535cf0e7986add8e (diff)