From f53dc4cf432990123b08a88650d80197e77e27ed Mon Sep 17 00:00:00 2001
From: Pierre Labastie <pierre@linuxfromscratch.org>
Date: Mon, 9 Apr 2012 10:17:30 +0000
Subject: [PATCH] Change again the root commands, so that all control
 characters are escaped Update the corresponding part in README.BLFS

---
 BLFS/xsl/scripts.xsl | 38 +++++++++++++++++++++++---------------
 README.BLFS          | 22 ++++++++++++++--------
 2 files changed, 37 insertions(+), 23 deletions(-)

diff --git a/BLFS/xsl/scripts.xsl b/BLFS/xsl/scripts.xsl
index 6313af4..28ecf0e 100644
--- a/BLFS/xsl/scripts.xsl
+++ b/BLFS/xsl/scripts.xsl
@@ -436,9 +436,9 @@ fi
       <xsl:choose>
         <xsl:when test="@role = 'root'">
           <xsl:if test="$sudo = 'y'">
-            <xsl:text>sudo sh &lt;&lt; ROOT_EOF&#xA;</xsl:text>
+            <xsl:text>sudo -E sh &lt;&lt; ROOT_EOF&#xA;</xsl:text>
           </xsl:if>
-          <xsl:apply-templates select="userinput" mode="root"/>
+          <xsl:apply-templates mode="root"/>
           <xsl:if test="$sudo = 'y'">
             <xsl:text>&#xA;ROOT_EOF</xsl:text>
           </xsl:if>
@@ -504,19 +504,10 @@ popd</xsl:text>
     <xsl:apply-templates/>
   </xsl:template>
 
-  <xsl:template match="userinput" mode="root">
-    <xsl:for-each select="child::node()">
-      <xsl:choose>
-        <xsl:when test="self::text()">
-          <xsl:call-template name="output-root">
-            <xsl:with-param name="out-string" select="string()"/>
-          </xsl:call-template>
-        </xsl:when>
-        <xsl:otherwise>
-          <xsl:apply-templates select="self::node()"/>
-        </xsl:otherwise>
-      </xsl:choose>
-    </xsl:for-each>
+  <xsl:template match="text()" mode="root">
+    <xsl:call-template name="output-root">
+      <xsl:with-param name="out-string" select="string()"/>
+    </xsl:call-template>
   </xsl:template>
 
   <xsl:template name="output-root">
@@ -533,6 +524,17 @@ popd</xsl:text>
                           select="substring-after($out-string,'make')"/>
         </xsl:call-template>
       </xsl:when>
+      <xsl:when test="contains($out-string,'$') and $sudo = 'y'">
+        <xsl:call-template name="output-root">
+          <xsl:with-param name="out-string"
+                          select="substring-before($out-string,'$')"/>
+        </xsl:call-template>
+        <xsl:text>\$</xsl:text>
+        <xsl:call-template name="output-root">
+          <xsl:with-param name="out-string"
+                          select="substring-after($out-string,'$')"/>
+        </xsl:call-template>
+      </xsl:when>
       <xsl:when test="contains($out-string,'`') and $sudo = 'y'">
         <xsl:call-template name="output-root">
           <xsl:with-param name="out-string"
@@ -567,4 +569,10 @@ popd</xsl:text>
         <xsl:text>EDITME**</xsl:text>
   </xsl:template>
 
+  <xsl:template match="replaceable" mode="root">
+        <xsl:text>**EDITME</xsl:text>
+        <xsl:apply-templates/>
+        <xsl:text>EDITME**</xsl:text>
+  </xsl:template>
+
 </xsl:stylesheet>
diff --git a/README.BLFS b/README.BLFS
index d666eb1..8ce3d1d 100644
--- a/README.BLFS
+++ b/README.BLFS
@@ -273,14 +273,20 @@ $Id$
         If building as a normal user (the default setting), be sure that all
      commands that require root privileges are run using sudo. Also make sure
      necessary root privilege commands are visible in your PATH. Or use
-     the `Defaults secure_path=' in /etc/sudoers. Also, the scripts use a
-     fragile construct:
-       sudo bash -c '<commands to be executed as root>'
-     which fail if the commands to be executed contain themselves a ' or access
-     a bash variable $XXX. So carefully review them. When you want to use
-     environment variables, it is sometimes better to replace simple quotes
-     with double quotes, but beware the construct is even more fragile.
-     Carefully check it...
+     the `Defaults secure_path=' in /etc/sudoers.
+        For commands necessitating root privileges, the generated scripts wrap
+     them with the construct:
+       sudo -E sh << ROOT_EOF
+         <commands to be executed as root with `$', ``', and `\' escaped>
+       ROOT_EOF
+     The -E switch ensures the whole environment is passed to the
+     commands to be run with root privileges. It is effective only if the
+     /etc/sudoers file contains `Defaults setenv', or SETENV in the user
+     attributes. If you think it is a security issue, you may forbid this
+     flag in /etc/sudoers, but then, you have to un-escape `$' for variables
+     coming from the environment in the instructions.
+        Although this construct is rather strong, it can fail in some corner
+     cases, so carefully review those instructions.
 
         Due to book layout issues, some sudo commands may be missing.