|
From: Alberto G. I. <ag...@in...> - 2018-11-28 14:58:34
|
Hi Felipe, On Wed, Nov 28, 2018 at 02:21:54PM +0000, Felipe Costa wrote: (snip) > > The test is important. It tests ModSec's ability to read environment variables. It is listed here: > https://github.com/SpiderLabs/ModSecurity/blob/v3/master/test/test-cases/regression/variable-ENV.json Since the previous test case reads another one (PATH), it wasn't clear to me if TERM was choosen for a particular reason. > We may have poorly selected the name of the variable as it seems that the variable is not broadly used. > > (...) > > Maybe the person that created the test case in the first place can > clarify the target of it. > > The objective of the test is not to read the TERM variable, but any environment variable. Setting the variable before the test case execution, as Ervin suggested, seems to be a valid way of testing it. > > I am not in favor disable the test case. I am aware that it is a single test among 5k+ test that we have today. But every test is there for a reason. Ok, I'll set the variable as Ervin suggested then. > If setting the variable is a problem, I would prefer to change it to make it more broad available. > > A possibility is to change the test utility to set a ModSecurity environment variable that will be further read by the test in question. Other possibility is to use setenv action to set a variable to be read. Fundamentally it has no difference form Ervin's suggestion, although it will be more elegant. If setenv is used in the future it will save the packaging scripts from setting it, thanks. Thank you both for your help and clarification. I hope we can trace the FAILures on the s390, ppc64 and sparc64 archs so the package can start migrating to Debian Buster. Regards, Alberto -- Alberto Gonzalez Iniesta | Formación, consultoría y soporte técnico mailto/sip: ag...@in... | en GNU/Linux y software libre Encrypted mail preferred | http://inittab.com Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55 |
