Move env var clearage back to child...! Exception for RUST_LOG

Clearing env vars with the `std::process::Command` API didn't get everything on
Mac, namely `__CF_USER_TEXT_ENCODING` was still present. While we don't support
Mac itself as a secure system, the same issue could exist on some Linux systems
either now or in the future. So it is better to just clear it on the child-side
and not worry about it. We may not use the `Command` API in the future, anyway:
https://github.com/paritytech/polkadot/issues/4721

node/core/pvf/common/src/worker.rs

@@ -101,6 +101,16 @@ pub fn worker_event_loop<F, Fut>(
 		}
 	}
 
+	// Delete all env vars to prevent malicious code from accessing them.
+	for (key, _) in std::env::vars() {
+		// TODO: *theoretically* the value (or mere presence) of `RUST_LOG` can be a source of
+		// randomness for malicious code. In the future we can remove it also and log in the host;
+		// see <https://github.com/paritytech/polkadot/issues/7117>.
+		if key != "RUST_LOG" {
+			std::env::remove_var(key);
+		}
+	}
+
 	// Run the main worker loop.
 	let rt = Runtime::new().expect("Creates tokio runtime. If this panics the worker will die and the host will detect that and deal with it.");
 	let err = rt

node/core/pvf/src/worker_intf.rs

@@ -217,15 +217,7 @@ impl WorkerHandle {
 		extra_args: &[&str],
 		socket_path: impl AsRef<Path>,
 	) -> io::Result<Self> {
-		// Clear all env vars from the spawned process.
-		let mut command = process::Command::new(program.as_ref());
-		command.env_clear();
-		// Add back any env vars we want to keep.
-		if let Ok(env) = std::env::var("RUST_LOG") {
-			command.env("RUST_LOG", env);
-		}
-
-		let mut child = command
+		let mut child = process::Command::new(program.as_ref())
 			.args(extra_args)
 			.arg("--socket-path")
 			.arg(socket_path.as_ref().as_os_str())