[ On Wed, November 6, 1996 at 13:10:12 (-0700), Christian Kuhtz wrote: ]
> Subject: Re: bin/2905: setting environment vars from login
>
> Are you willing to bet your life on the fact that there will not be an  
> exploitation of this feature?

Show me a system where my life depends on exploits not occuring, and
I'll be the first to apply the wire cutters to it's external connections.

> Regardless of how many times I and others have asked you for it, you will  
> not answer certain questions which have been asked.  You rather flame me in  
> private;  trust me, I can take it publically.
> 
> 1.) Show me a situation where this is an absolutely neccessary feature,  
> which cannot be implemented with current tools.

I never claimed it was an absolutely necessary feature.

I do claim it cannot be implemented by any current tools without
modification of said tools.

> 2.) Why does this feature have to be available by default?

As I've said a zillion times: Because it's generally useful, and rarely,
if ever (show me!), harmful to a generic system (i.e. one that runs
completely stock out-of-the box binaries in a general purpose computing
environment).

> 3.) Why do you want to avoid forcing RTFM to enable this feature and  
> subsequently cause awareness?

I don't mind an RTMF, so long as the enabling can be done at run-time
from the stock binaries.

(I've also said this a zillion times.)

> An example for another dangerous environment variable is IFS.  I don't  
> know for how long ppl have been preaching that it should be reset  
> immediately within a script.  However, human nature prevents this preaching  
> from being successful and you won't accept that this world isn't perfect  
> but rather accuse others of living in a dreamworld.

Obviously, which is why /bin/login should not allow it to be overridden.

... but then we *knew* that already, no?

-- 
							Greg A. Woods

+1 416 443-1734			VE3TCP			robohack!woods
Planix, Inc. <woods@planix.com>; Secrets Of The Weird <woods@weird.com>