11fbaaae9a
The restic security model includes full trust of the local machine, so this should not fix any actual security problems, but it's better to be safe than sorry. Fixes #2192.
26 lines
612 B
Go
26 lines
612 B
Go
package backend
|
|
|
|
import (
|
|
"os"
|
|
"os/exec"
|
|
"strings"
|
|
)
|
|
|
|
// StartForeground runs cmd in the foreground, by temporarily switching to the
|
|
// new process group created for cmd. The returned function `bg` switches back
|
|
// to the previous process group.
|
|
//
|
|
// The command's environment has all RESTIC_* variables removed.
|
|
func StartForeground(cmd *exec.Cmd) (bg func() error, err error) {
|
|
env := os.Environ() // Returns a copy that we can modify.
|
|
|
|
cmd.Env = env[:0]
|
|
for _, kv := range env {
|
|
if strings.HasPrefix(kv, "RESTIC_") {
|
|
continue
|
|
}
|
|
cmd.Env = append(cmd.Env, kv)
|
|
}
|
|
|
|
return startForeground(cmd)
|
|
}
|