diff options
authorMike Frysinger <>2018-09-17 19:19:15 -0400
committerMike Frysinger <>2018-09-17 19:23:35 -0400
commite490601874fe785c7632e6571a3a1d8f43404622 (patch)
tree3293daa43f9bfecd5dfb43a533ccc4e2c5a5926d /sys-devel/bc/metadata.xml
parentdev-libs/libressl-2.6.5: ppc64 stable, bug 658158 (diff)
sys-devel/bc: add support for --sandbox & USE=forced-sandbox
The dc tool has an ! command which allows for arbitrary system() calls which is not ideal for processing arbitrary user scripts. First add support for a --sandbox flag at runtime (like sed/gawk gnu tools), then add a USE=forced-sandbox option so people can lock it down. The patches have been sent to upstream, but considering how slow the bc project tends to move, and their lack of a project site/git repo, going to merge this now and just wait for upstream feedback.
Diffstat (limited to 'sys-devel/bc/metadata.xml')
1 files changed, 3 insertions, 0 deletions
diff --git a/sys-devel/bc/metadata.xml b/sys-devel/bc/metadata.xml
index 56c12441305..5bdfef6846f 100644
--- a/sys-devel/bc/metadata.xml
+++ b/sys-devel/bc/metadata.xml
@@ -5,4 +5,7 @@
<name>Gentoo Base System</name>
+ <flag name="forced-sandbox">Always enable --sandbox mode for simpler/secure runtime (disables the ! command in dc)</flag>