stop setting proxy variables, or make it configurable at least
@calestyo
Submitted by Christoph Anton Mitterer Link to original bug (#747800)
Description
Hi.
gnome-terminal is, as the name says, at terminal emulator, and IMHO it's not the domain of a terminal emulator to set any environment variables which are not related to the terminal (e.g. TERM, COLUMNS, ROWS and that like).
One very annoying case is that gnome-terminal exports GNOME's proxy settings via, e.g.: declare -x all_proxy="socks://localhost:8123/" declare -x ftp_proxy="http://localhost:8123/" declare -x http_proxy="http://localhost:8123/" declare -x https_proxy="http://localhost:8123/" declare -x no_proxy="localhost,127.0.0.0/8,::1"
-
Since these are not GNOME-specific variables it affects other applications as well, which is IMHO already fundamentally wrong. GNOME should really not try to "force" its "goodness" upon other non-GNOME applications like mplayer, wget, and so on. These have their own ways to configure proxies and I do no want GNOME to automagically decide that for me (especially as it's buggy).
-
Since GNOME's policy is typically to remove features :-( one cannot set the proxy in most GNOME apps, but has to do it at the system-wide settings. So if I just want to use a proxy in e.g. evolution to access some special network, or epiphany to use tor,.. I have to do it globally and thus gnome-terminal will set it in all shells started thereafter and all programs using the above general variables will try to use these proxy settings.
This is the first aspect of the feature being buggy: GNOME think it can decide for all applications started in the terminal, whether they should/can use that proxy, ... but in fact it can of course not. My proxy used for email might simply just accept traffic for mail destinations, and it may be poorly slow when I watch some news via mplayer over tor.
- The proxy information is not kept up to date. When gnome-terminal sets the env vars, that proxy configured in GNOME may(!) be up and working,... but maybe I change the setting in GNOME afterwards back to "no proxy" or another proxy. Maybe the original proxy gets stopped. The terminal however will continue to have it's env vars set that way, which is the 2nd buggy part of this whole misfeature.
So apart from the fact, that this "feature" is generally quite questionable due to the above flaws, it should be definitely configurable. Moreover it should be an opt-in (i.e. defaults are not to use it), it's simply inappropriate to automagically make such a configuration the user has never chosen. And configuring something in the GNOME control center is a GNOME thingy, nothing that any other software has accepted to be the canonical location for proxy configuration. If 3rd party want to do what GNOME sets, then the appropriate way for them is to use some libmyproxy or however it is called.
Actually, I'd go so far calling this security issue: 4) The variables are marked exportable, so they might get also propagated to remote logins and software there may connect to the configured proxy (which could be a security and/or privacy leak).
- Any software for which networking and/or the routing is critical may now expose data do a proxy for which it is likely not meant. This could again be a data and/or privacy leak... or it could be like a blocking attack,.. e.g. image one runs freshclam via such terminal and it always fails to download the newest virus signatures because of the broken proxy settings.
Cheers, Chris.
Version: 3.14.x
Resolution: RESOLVED WONTFIX