Don't hard code any directories to search for programs into es_unix.

All are now specified through the config. The new default is just /bin,
/sbin, /usr/bin, and /usr/sbin. Formerly /usr/ucb, /usr/etc, and /etc were
also searched. If you want this behavior again you have to explicitly set
the rng/unix_path configuration setting.

2 files changed, 2 insertions, 7 deletions

diff --git a/modules/es_unix/es_unix.cpp b/modules/es_unix/es_unix.cpp
index cb2ded840..d534db2ab 100644
--- a/modules/es_unix/es_unix.cpp
+++ b/modules/es_unix/es_unix.cpp
@@ -86,12 +86,7 @@ void Unix_EntropySource::do_slow_poll()
    const u32bit TRY_TO_GET = 16 * 1024;
    const u32bit MINIMAL_WORKING = 32;
 
-   const std::string BASE_PATH = "/bin:/sbin:/usr/bin:/usr/sbin";
-   const std::string EXTRA_PATH = global_config().option("rng/unix_path");
-
-   std::string PATH = BASE_PATH;
-   if(EXTRA_PATH != "")
-      PATH += ':' + EXTRA_PATH;
+   const std::string PATH = global_config().option("rng/unix_path");
 
    u32bit got = 0;
    for(u32bit j = 0; j != sources.size(); j++)
diff --git a/src/policy.cpp b/src/policy.cpp
index ff71d325b..e8906c4ba 100644
--- a/src/policy.cpp
+++ b/src/policy.cpp
@@ -228,7 +228,7 @@ void set_default_config(Config& config)
    config.set_option("pem/width", "64");
 
    config.set_option("rng/ms_capi_prov_type", "INTEL_SEC:RSA_FULL");
-   config.set_option("rng/unix_path", "/usr/ucb:/usr/etc:/etc");
+   config.set_option("rng/unix_path", "/bin:/sbin:/usr/bin:/usr/sbin");
    config.set_option("rng/es_files", "/dev/urandom:/dev/random");
    config.set_option("rng/egd_path",
                      "/var/run/egd-pool:/dev/egd-pool");