7abfff756d
* Exec: harden host env override enforcement and fail closed * Node host: enforce env override diagnostics before shell filtering * Env overrides: align Windows key handling and mac node rejection
80 lines
1.4 KiB
JSON
80 lines
1.4 KiB
JSON
{
|
|
"blockedKeys": [
|
|
"NODE_OPTIONS",
|
|
"NODE_PATH",
|
|
"PYTHONHOME",
|
|
"PYTHONPATH",
|
|
"PERL5LIB",
|
|
"PERL5OPT",
|
|
"RUBYLIB",
|
|
"RUBYOPT",
|
|
"BASH_ENV",
|
|
"ENV",
|
|
"GIT_EXTERNAL_DIFF",
|
|
"GIT_EXEC_PATH",
|
|
"SHELL",
|
|
"SHELLOPTS",
|
|
"PS4",
|
|
"GCONV_PATH",
|
|
"IFS",
|
|
"SSLKEYLOGFILE",
|
|
"JAVA_TOOL_OPTIONS",
|
|
"_JAVA_OPTIONS",
|
|
"JDK_JAVA_OPTIONS",
|
|
"PYTHONBREAKPOINT",
|
|
"DOTNET_STARTUP_HOOKS",
|
|
"DOTNET_ADDITIONAL_DEPS",
|
|
"GLIBC_TUNABLES",
|
|
"MAVEN_OPTS",
|
|
"SBT_OPTS",
|
|
"GRADLE_OPTS",
|
|
"ANT_OPTS"
|
|
],
|
|
"blockedOverrideKeys": [
|
|
"HOME",
|
|
"GRADLE_USER_HOME",
|
|
"ZDOTDIR",
|
|
"GIT_SSH_COMMAND",
|
|
"GIT_SSH",
|
|
"GIT_PROXY_COMMAND",
|
|
"GIT_ASKPASS",
|
|
"SSH_ASKPASS",
|
|
"LESSOPEN",
|
|
"LESSCLOSE",
|
|
"PAGER",
|
|
"MANPAGER",
|
|
"GIT_PAGER",
|
|
"EDITOR",
|
|
"VISUAL",
|
|
"FCEDIT",
|
|
"SUDO_EDITOR",
|
|
"PROMPT_COMMAND",
|
|
"HISTFILE",
|
|
"PERL5DB",
|
|
"PERL5DBCMD",
|
|
"OPENSSL_CONF",
|
|
"OPENSSL_ENGINES",
|
|
"PYTHONSTARTUP",
|
|
"WGETRC",
|
|
"CURL_HOME",
|
|
"CLASSPATH",
|
|
"CGO_CFLAGS",
|
|
"CGO_LDFLAGS",
|
|
"GOFLAGS",
|
|
"CORECLR_PROFILER_PATH",
|
|
"PHPRC",
|
|
"PHP_INI_SCAN_DIR",
|
|
"DENO_DIR",
|
|
"BUN_CONFIG_REGISTRY",
|
|
"LUA_PATH",
|
|
"LUA_CPATH",
|
|
"GEM_HOME",
|
|
"GEM_PATH",
|
|
"BUNDLE_GEMFILE",
|
|
"COMPOSER_HOME",
|
|
"XDG_CONFIG_HOME"
|
|
],
|
|
"blockedOverridePrefixes": ["GIT_CONFIG_", "NPM_CONFIG_"],
|
|
"blockedPrefixes": ["DYLD_", "LD_", "BASH_FUNC_"]
|
|
}
|