This could be done reasonably securely without compromising security too
much on most systems.  telnetd does it securely; copy the code and there
should be few suprises. 

Now, that doesn't mean it is a good thing to do, but I don't see why it
can't be done with minimal security risk if it were so desired.

On Wed, 30 Oct 1996, Peter Seebach wrote:

> That's a good example...
> But you know, we have a similar problem already....
> 
> 	LD_LIBRARY_PATH=... login -p sync
> (if you have sync as a login...)
> 
> In general, I think this has the potential to be a security bug worth
> looking at...
> 
> -s
>