[1206] in linux-security and linux-alert archive
Re: [linux-security] libc 5.4.7
daemon@ATHENA.MIT.EDU (David Holland)
Sat Oct 12 07:41:15 1996
From: David Holland <dholland@eecs.harvard.edu>
To: alan@cymru.net (Alan Cox)
Date: Thu, 10 Oct 1996 12:34:02 -0400 (EDT)
Cc: dholland@eecs.harvard.edu, alan@lxorguk.ukuu.org.uk, alan@cymru.net,
potato@dsnet.com, linux-gcc@vger.rutgers.edu,
linux-security@tarsier.cv.nrao.edu
In-Reply-To: <199610100848.JAA08820@snowcrash.cymru.net> from "Alan Cox" at Oct 10, 96 09:48:55 am
> > Yes. IMO, one should not do that (personally I wouldn't count on the
> > right thing happening with LD_*, much less any other environment
> > variables, rlimits, utmp entries, umasks, or what-have-you.)
>
> With ld.so.7.14 the LD_ variables are correctly scrubbed. rlimits can be
> a problem as sendmail has demonstrated.
If you're writing for multiple platforms you don't *know* the LD_
stuff will get handled right.
--
- David A. Holland | VINO project home page:
dholland@eecs.harvard.edu | http://www.eecs.harvard.edu/vino