varta-watch 0.2.0

Varta observer — receives VLP frames and surfaces stalls.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

//! Environment isolation for recovery child processes.

use std::process::Command;

/// Apply environment isolation to a recovery child [`Command`].
///
/// Default (secure): clears the child env, sets `PATH=/usr/bin:/bin`, then applies
/// `env_vars` entries as an explicit allowlist. When `inherit` is `true`, the
/// observer's full environment is inherited and `env_vars` layer on top.
pub(super) fn apply_env(cmd: &mut Command, inherit: bool, env_vars: &[String]) {
    if !inherit {
        cmd.env_clear();
        cmd.env("PATH", "/usr/bin:/bin");
    }
    for entry in env_vars {
        if let Some((key, value)) = entry.split_once('=') {
            cmd.env(key, value);
        }
    }
}