[6171] in Kerberos
Re: Why TELNET sends arbitrary environment variables at all?
daemon@ATHENA.MIT.EDU (Richard Basch)
Wed Nov 8 09:44:02 1995
Date: Wed, 8 Nov 1995 09:32:59 -0500
To: schwartz@galapagos.cse.psu.edu (Scott Schwartz)
Cc: kerberos@MIT.EDU
In-Reply-To: <SCHWARTZ.95Nov7174652@galapagos.cse.psu.edu>
From: "Richard Basch" <basch@lehman.com>
On 7-November-1995, "Scott Schwartz" wrote to "kerberos@MIT.EDU" saying:
> djb@silverton.berkeley.edu (D. J. Bernstein) writes:
> | TZ does vary, but do you really want an ls -l in your home directory to
> | shift all the times by an hour when you connect from the next time zone?
> | Why should this be passed?
>
> If you launch an xclock, don't you want it to show the correct local
> time?
>
> XAUTHORITY is another one that is convenient to pass along, given a
> network filesystem.
How about PAGER, MORE, LESS, EDITOR, VISUAL, PRINTER, LPDEST, and a few
others? How about application environment variables, such as: NNTPSERVER,
MAILHOST, WWW_HOME, or variables that may be for my personal
applications or site applications?
It is easier to enumerate the dangerous variables during the login
procedure than to predict EVERY user's application profile.
I would rather see people accommodating the users instead of restricting
them. Basically, after a certain point, all the applications that could
be spawned by the user could already have their environments modified by
the user. The question is what variables are crucial to a particular
operating system prior to user control?
For those that don't wish to do the investigation, then it may make
sense to be paranoid and overly-restrictive. This is why I like Dave
Borman's suggestion of having a configuration file that tells telnetd
which ones to allow and which ones to ignore.
--
Richard Basch URL: http://web.mit.edu/probe/www/home.html
Lehman Brothers, Inc. Email: basch@lehman.com
101 Hudson St., 33rd Floor Fax: +1-201-524-5828
Jersey City, NJ 07302-3988 Voice: +1-201-524-5049
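The configuration-file idea the message ends on (telnetd reads a list of which client-offered environment variables to accept and which to ignore) can be made concrete with a small policy evaluator. The following is an added example written for this archive page; it is not code from the thread, from telnetd, or from Dave Borman's proposal, and the policy file syntax it parses is hypothetical. The allowed names are the ones the thread mentions (TZ, XAUTHORITY, PAGER, MORE, LESS, EDITOR, VISUAL, PRINTER, LPDEST, NNTPSERVER, MAILHOST, WWW_HOME); the `MYAPP_*` prefix stands in for the "personal applications or site applications" case, and the deny patterns (`LD_*`, PATH, IFS, HOME, SHELL) are this example's own choice of loader and shell variables that a login process should never take from an unauthenticated remote client. A deny rule always wins over an allow rule, so a broad site prefix cannot be used to slip past the deny list, and malformed names (empty, containing `=` or characters the shell would not accept) are ignored before any policy lookup.

```python
import fnmatch
import re
from typing import Dict, List, Tuple

# Constructed policy text in a hypothetical format (this is NOT telnetd's real
# configuration syntax). Allowed names come from the mailing-list thread; the
# deny patterns are this example's own assumption about what must never be
# accepted from a remote client before the user's own shell takes over.
SAMPLE_POLICY = """
# hypothetical telnetd environment policy (constructed for this example)
default deny
allow TZ XAUTHORITY
allow PAGER MORE LESS EDITOR VISUAL
allow PRINTER LPDEST
allow NNTPSERVER MAILHOST WWW_HOME
allow MYAPP_*              # site/personal applications: one prefix, not everything
deny  LD_* PATH IFS HOME SHELL
"""

Rule = Tuple[str, str]           # (action, glob pattern)
Policy = Tuple[str, List[Rule]]  # (default action, rules in file order)

# Variable names as the shell accepts them; anything else (empty, containing
# '=' or control characters) is malformed and is ignored before policy lookup.
_VALID_NAME = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")


def parse_policy(text: str) -> Policy:
    """Parse the hypothetical format: one 'default allow|deny' line plus any
    number of 'allow PATTERN...' / 'deny PATTERN...' lines; '#' starts a comment."""
    default = "deny"
    rules: List[Rule] = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        keyword, *args = line.split()
        keyword = keyword.lower()
        if keyword == "default":
            if len(args) != 1 or args[0].lower() not in ("allow", "deny"):
                raise ValueError(f"line {lineno}: 'default' needs allow|deny")
            default = args[0].lower()
        elif keyword in ("allow", "deny"):
            if not args:
                raise ValueError(f"line {lineno}: '{keyword}' needs a pattern")
            rules.extend((keyword, pattern) for pattern in args)
        else:
            raise ValueError(f"line {lineno}: unknown keyword {keyword!r}")
    return default, rules


def decide(name: str, policy: Policy) -> str:
    """Return 'allow' or 'deny' for one variable name.

    Order of precedence: malformed name -> deny; any matching deny rule -> deny;
    any matching allow rule -> allow; otherwise the file's default."""
    default, rules = policy
    if not _VALID_NAME.match(name):
        return "deny"
    if any(action == "deny" and fnmatch.fnmatchcase(name, pattern)
           for action, pattern in rules):
        return "deny"
    if any(action == "allow" and fnmatch.fnmatchcase(name, pattern)
           for action, pattern in rules):
        return "allow"
    return default


def filter_environment(client_env: Dict[str, str],
                       policy: Policy) -> Tuple[Dict[str, str], List[str]]:
    """Split the client-offered environment into the variables the login
    process may export and the names it ignored (worth logging)."""
    accepted: Dict[str, str] = {}
    ignored: List[str] = []
    for name, value in client_env.items():
        if decide(name, policy) == "allow":
            accepted[name] = value
        else:
            ignored.append(name)
    return accepted, ignored


if __name__ == "__main__":
    policy = parse_policy(SAMPLE_POLICY)
    # Constructed sample of what a client might offer (names and values made up).
    offered = {
        "TZ": "EST5EDT",
        "PAGER": "less",
        "MYAPP_SERVER": "news.example.com",
        "LD_PRELOAD": "/tmp/example.so",
        "PATH": "/tmp:/usr/bin",
        "WEIRD=NAME": "x",
        "FOO": "bar",
    }
    exported, dropped = filter_environment(offered, policy)
    print("exported:", sorted(exported))
    print("ignored: ", sorted(dropped))
```

Running the block as a script exports only TZ, PAGER and MYAPP_SERVER from the constructed sample and reports the other four names as ignored. The deny-wins rule is the part worth keeping whatever the real file format looks like: with `default allow` and `allow *`, a single `deny LD_*` line still blocks every loader variable.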