Subject: Re: bin/2905: setting environment vars from login
To: Peter Seebach <>
From: Marc Slemko <>
List: netbsd-bugs
Date: 10/30/1996 19:09:37
This could be done reasonably securely without compromising security too
much on most systems.  telnetd does it securely; copy the code and there
should be few suprises. 

Now, that doesn't mean it is a good thing to do, but I don't see why it
can't be done with minimal security risk if it were so desired.

On Wed, 30 Oct 1996, Peter Seebach wrote:

> That's a good example...
> But you know, we have a similar problem already....
> 	LD_LIBRARY_PATH=... login -p sync
> (if you have sync as a login...)
> In general, I think this has the potential to be a security bug worth
> looking at...
> -s