by redmail.netbsd.org with SMTP; 5 Feb 2000 17:46:30 -0000
        pd43.warszawa.ppp.tpnet.pl") by prioris.mini.pw.edu.pl with ESMTP
	id <S196737AbQBERpt>; Sat, 5 Feb 2000 18:45:49 +0100
	id <S302582AbQBEQug>; Sat, 5 Feb 2000 17:50:36 +0100
From:   Slawek Zak <S.Zak@altkom.com>
To:     tech-security@netbsd.org
Subject: Re: PROPOSAL: making passwd pluggable (sort of)
References: <20000130122641.A8134@xanadu.kublai.com> <5lsnzfwgvw.fsf@assaris.sics.se> <20000130223005.A12294@rek.tjls.com>
Mail-Copies-To: never
Reply-To: zaks@prioris.im.pw.edu.pl
Date:   05 Feb 2000 17:50:36 +0100
In-Reply-To: Thor Lancelot Simon's message of "Sun, 30 Jan 2000 22:30:05 -0500"
Message-ID: <87zotfmw4j-cos-mos@localhost.localnet>
Lines:  14
Organization: Ministerstwo smierci na wojnie
User-Agent: Gnus/5.0803 (Gnus v5.8.3) XEmacs/21.1 (Bryce Canyon)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii

Thor Lancelot Simon <tls@rek.tjls.com> writes:

> And I *certainly* don't want to have to dynamically link things like
> login or passwd, which would be required in order to get the
> necessary dynamic loading on some ports...

Why is it so dangerous ? I know of LD_PRELOAD and LD_LIBRARY_PATH
tricks in ld.so, but why bother respecting these variables in setuid
programs ?
-- 
"Man is the best computer we can put aboard in a spacecraft ... and the
 only one that can be mass produced with unskilled labor."
						    --Wernher von Braun
Suavek Zak / PGP: finger://zaks@prioris.mini.pw.edu.pl