Subject: Re: bin/2905: setting environment vars from login
To: None <>
From: Mike Long <>
List: netbsd-bugs
Date: 10/30/1996 17:25:44
>Date: Wed, 30 Oct 1996 12:46:52 -0600 (CST)
>From: Peter Seebach <>

>But you know, we have a similar problem already....
>	LD_LIBRARY_PATH=... login -p sync
>(if you have sync as a login...)
>In general, I think this has the potential to be a security bug worth
>looking at...

login is a setuid-root binary.  IIRC, ignores LD_LIBRARY_PATH
when it loads setuid (& setgid?) dynamic binaries.
Mike Long <>     <URL:>
VLSI Design Engineer         finger for PGP public key
Analog Devices, CPD Division          CCBF225E7D3F7ECB2C8F7ABB15D9BE7B
Norwood, MA 02062 USA       (eq (opinion 'ADI) (opinion 'mike)) -> nil