On 07 Sep 1996 17:05:33 -0400 
 Michael Graff <explorer@flame.org> wrote:

 > >  - telnetd: block the ENV variable from being transferred, as in some
 > >      circumstances this may lead to unexpected execution of commands.
 > >      (ENV points bash and other shells at command text to execute.)
 > 
 > I have applied this but not committed it.  Any objections?

No objection from me.  We already block some potentially dangerous 
environment variables from passing...

Jason R. Thorpe
NetBSD Core Group
<thorpej@NetBSD.ORG>