Skip to content

Commit 48beb52

Browse files
jspahrsummersjspahrsummers
authored
Merge pull request #27 from modelcontextprotocol/justin/env-var-inheritance
Inherit environment variables deemed safe by default
2 parents 60e9c7a + df901f6 commit 48beb52

File tree

1 file changed

+36
-3
lines changed

1 file changed

+36
-3
lines changed

Diff for: mcp_python/client/stdio.py

+36-3
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,4 @@
1+
import os
12
import sys
23
from contextlib import asynccontextmanager
34

@@ -9,6 +10,36 @@
910

1011
from mcp_python.types import JSONRPCMessage
1112

13+
# Environment variables to inherit by default
14+
DEFAULT_INHERITED_ENV_VARS = (
15+
["APPDATA", "HOMEDRIVE", "HOMEPATH", "LOCALAPPDATA", "PATH",
16+
"PROCESSOR_ARCHITECTURE", "SYSTEMDRIVE", "SYSTEMROOT", "TEMP",
17+
"USERNAME", "USERPROFILE"]
18+
if sys.platform == "win32"
19+
else ["HOME", "LOGNAME", "PATH", "SHELL", "TERM", "USER"]
20+
)
21+
22+
23+
def get_default_environment() -> dict[str, str]:
24+
"""
25+
Returns a default environment object including only environment variables deemed
26+
safe to inherit.
27+
"""
28+
env: dict[str, str] = {}
29+
30+
for key in DEFAULT_INHERITED_ENV_VARS:
31+
value = os.environ.get(key)
32+
if value is None:
33+
continue
34+
35+
if value.startswith("()"):
36+
# Skip functions, which are a security risk
37+
continue
38+
39+
env[key] = value
40+
41+
return env
42+
1243

1344
class StdioServerParameters(BaseModel):
1445
command: str
@@ -17,11 +48,11 @@ class StdioServerParameters(BaseModel):
1748
args: list[str] = Field(default_factory=list)
1849
"""Command line arguments to pass to the executable."""
1950

20-
env: dict[str, str] = Field(default_factory=dict)
51+
env: dict[str, str] | None = None
2152
"""
2253
The environment to use when spawning the process.
2354
24-
The environment is NOT inherited from the parent process by default.
55+
If not specified, the result of get_default_environment() will be used.
2556
"""
2657

2758

@@ -41,7 +72,9 @@ async def stdio_client(server: StdioServerParameters):
4172
write_stream, write_stream_reader = anyio.create_memory_object_stream(0)
4273

4374
process = await anyio.open_process(
44-
[server.command, *server.args], env=server.env, stderr=sys.stderr
75+
[server.command, *server.args],
76+
env=server.env if server.env is not None else get_default_environment(),
77+
stderr=sys.stderr
4578
)
4679

4780
async def stdout_reader():

0 commit comments

Comments
 (0)