Subject: Re: bin/2905: setting environment vars from login
To: None <>
From: Gordon W. Ross <>
List: netbsd-bugs
Date: 10/30/1996 09:52:19
> From: Michael Graff <>
> Date: 30 Oct 1996 00:21:14 -0500
> "Perry E. Metzger" <> writes:
> > This makes me nervous. System V suffers from many security holes made
> > possible by this facility. I'm not personally sure that I would want
> > to see it done unless it was very carefully studied.
> I wouldn't mind having a situation like this, though...
> login:  explorer -ppp
> Password: 
> Starting PPP session...

What is the concern about letting a user set some environment
variables on the line with their login name?  What does this
mechanism allow that they couldn't have done anyway as soon as
they get their shell prompt?