Subject: Re: setgid dt eats LD_LIBRARY_PATH
To: None <jlbg+@andrew.cmu.edu>
From: Ken Nakata <kenn@remus.rutgers.edu>
List: port-mac68k
Date: 11/05/1997 11:16:46

On Tue, 4 Nov 1997 17:06:35 -0500 (EST),
Johnny Chi-Lung Lam <jlbg+@andrew.cmu.edu> wrote:
> The default installation of dt is setgid utmp.  If I export the
> variable LD_LIBRARY_PATH before starting dt, the shells spawned by dt
> don't have LD_LIBRARY_PATH in their environment.  If I remove the
> setgid bit on dt, then the subshells DO see LD_LIBRARY_PATH.  One last
> thing --- this only happens to LD_LIBRARY_PATH, not to any other
> environment variable that I set.

I thought there was some security concern regarding exporting certain
envars, with LD_LIBRARY_PATH being one of them.

For instance, you could point LD_LIBRARY_PATH to a directory in which
you placed a version of a library, then run a setuid root program which
would use your library instead of the standard one.  Imagine what
could happen if you modified one of the standard C functions so that
it ran a shell and gave you root privilege?

Ken
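
The guard against the scenario in this message, as an added example that is not part of the original post and not NetBSD's own code: a process compares its real and effective IDs and, when they differ (as under a setgid dt), drops loader-controlling variables before anything is spawned. The function names and the two-entry variable list are assumptions for illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* for setenv/unsetenv in strict modes */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Illustrative subset of variables that steer the run-time linker
 * (assumed list for this example, not taken from any particular ld.so). */
static const char *const unsafe_vars[] = { "LD_LIBRARY_PATH", "LD_PRELOAD", NULL };

/* A process is "privileged" when it holds a user or group ID that the
 * invoking user does not, i.e. it was started set-user-ID or set-group-ID. */
int is_privileged(uid_t ruid, uid_t euid, gid_t rgid, gid_t egid)
{
    return ruid != euid || rgid != egid;
}

/* Drop the unsafe variables when privileged; all others are left alone.
 * Returns the number of variables removed, or -1 if unsetenv() fails. */
int scrub_env(int privileged)
{
    int removed = 0;

    if (!privileged)
        return 0;
    for (size_t i = 0; unsafe_vars[i] != NULL; i++) {
        if (getenv(unsafe_vars[i]) == NULL)
            continue;
        if (unsetenv(unsafe_vars[i]) != 0)
            return -1;
        removed++;
    }
    return removed;
}

int main(void)
{
    int priv = is_privileged(getuid(), geteuid(), getgid(), getegid());
    int n = scrub_env(priv);

    if (n < 0)
        return 1;   /* fail closed: do not continue with a dirty environment */
    printf("privileged=%d removed=%d\n", priv, n);
    return 0;
}
```

Run unprivileged, this removes nothing; with the setgid bit set on the binary it removes only the listed variables, which matches the symptom reported in the quoted message.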