[1216] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

Re: [linux-security] libc 5.4.7

daemon@ATHENA.MIT.EDU (Alan Cox)
Sun Oct 13 12:57:01 1996

From: Alan Cox <alan@cymru.net>
To: dholland@eecs.harvard.edu (David Holland)
Date: Thu, 10 Oct 1996 09:48:55 +0100 (BST)
Cc: alan@lxorguk.ukuu.org.uk, dholland@eecs.harvard.edu, alan@cymru.net,
        potato@dsnet.com, linux-gcc@vger.rutgers.edu,
        linux-security@tarsier.cv.nrao.edu
In-Reply-To: <199610092241.SAA16236@burgundy.eecs.harvard.edu> from "David Holland" at Oct 9, 96 06:41:26 pm

> Yes. IMO, one should not do that (personally I wouldn't count on the
> right thing happening with LD_*, much less any other environment
> variables, rlimits, utmp entries, umasks, or what-have-you.)

With ld.so.7.14 the LD_ variables are correctly scrubbed. rlimits can be
a problem as sendmail has demonstrated.

Alan

home help back first fref pref prev next nref lref last post