There's no great need for `ucgi' to have a fierce whitelist of
environment variables to be passed to the service. We'll assume that
the webserver hasn't put any critical secrets in its environment with
unfortunate names; and the service shouldn't put any trust in the
caller's filtering anyway. If the webserver end takes a more relaxed
approach, we can leave questions of policy regarding environment
filtering largely up to the service -- which is the bit that users
actually have some control over.
To this end, therefore, move the main whitelist to `ucgitarget.c', and
put small list, containing some wildcard patterns, in `ucgi.c'.
~mdw / userv-utils / commitdiff