Clean environment variables to account for sandbox work directory.

Unset HOME to prevent username leak. Bug: 363037195 Change-Id: I7a8694f746d58de8f6e41adb6ad52abbaf955ef4
2024-08-20 14:10:50 -07:00
parent cda9ce15ff
commit 0af8ea14fc
3 changed files with 69 additions and 17 deletions
--- a/ui/build/sandbox_linux.go
+++ b/ui/build/sandbox_linux.go
@@ -187,8 +187,17 @@ func (c *Cmd) readMountArgs() []string {
 	return args
 }

+func (c *Cmd) workDir() string {
+	if !c.config.UseABFS() {
+		wd, _ := os.Getwd()
+		return wd
+	}
+
+	return abfsSrcDir
+}
+
 func (c *Cmd) wrapSandbox() {
-	wd, _ := os.Getwd()
+	wd := c.workDir()

 	var sandboxArgs []string
 	sandboxArgs = append(sandboxArgs,
@@ -226,7 +235,7 @@ func (c *Cmd) wrapSandbox() {
 	)

 	sandboxArgs = append(sandboxArgs,
-		c.readMountArgs()...
+		c.readMountArgs()...,
 	)

 	sandboxArgs = append(sandboxArgs,