Subject: Re: bin/2905: setting environment vars from login
To: Curt Sampson <firstname.lastname@example.org>
From: Greg A. Woods <email@example.com>
Date: 11/03/1996 19:52:00
[ On Wed, October 30, 1996 at 07:20:56 (-0800), Curt Sampson wrote: ]
> Subject: Re: bin/2905: setting environment vars from login
> I have to agree with this. It's not uncommon to have someone's
> shell set to a program or simple shell script, so that they can't
> do anything else (assuming the program itself is secure), and this
> is an excellent way to get around that. Even for regular users,
> it's also a good way to subvert /etc/profile or whatever.
RTFM -- at least the SysVr4 (eg SunOS-5) ones....
Some variables cannot (and for the reasons you cite should not) be
Greg A. Woods
+1 416 443-1734 VE3TCP robohack!woods
Planix, Inc. <firstname.lastname@example.org>; Secrets Of The Weird <email@example.com>