forked from TrueCloudLab/restic
11fbaaae9a
The restic security model includes full trust of the local machine, so this should not fix any actual security problems, but it's better to be safe than sorry. Fixes #2192.
26 lines
612 B
Go
26 lines
612 B
Go
package backend
|
|
|
|
import (
|
|
"os"
|
|
"os/exec"
|
|
"strings"
|
|
)
|
|
|
|
// StartForeground runs cmd in the foreground, by temporarily switching to the
|
|
// new process group created for cmd. The returned function `bg` switches back
|
|
// to the previous process group.
|
|
//
|
|
// The command's environment has all RESTIC_* variables removed.
|
|
func StartForeground(cmd *exec.Cmd) (bg func() error, err error) {
|
|
env := os.Environ() // Returns a copy that we can modify.
|
|
|
|
cmd.Env = env[:0]
|
|
for _, kv := range env {
|
|
if strings.HasPrefix(kv, "RESTIC_") {
|
|
continue
|
|
}
|
|
cmd.Env = append(cmd.Env, kv)
|
|
}
|
|
|
|
return startForeground(cmd)
|
|
}
|