Date: Fri, 20 Oct 1995 10:23:24 -0700 From: "Justin T. Gibbs" <gibbs@freefall.freebsd.org> To: "Andrey A. Chernov" <ache@freefall.freebsd.org> Cc: CVS-commiters@freefall.freebsd.org, cvs-user@freefall.freebsd.org Subject: Re: cvs commit: src/secure/libexec/telnetd sys_term.c Message-ID: <199510201723.KAA09542@aslan.cdrom.com> In-Reply-To: Your message of "Fri, 20 Oct 1995 10:17:00 PDT." <199510201717.KAA11071@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
>ache 95/10/20 10:16:59 > > Modified: secure/libexec/telnetd sys_term.c > Log: > Don't allow LD_* env. variables to be tricked > Submitted by: Sam Hartman <hartmans@mit.edu> I think that it should *only* exclude the variables that cause the vulnerability. Just because I choose to use a variable called LD_MY_TERMINAL_IS_BLUE doesn't mean I should get burned. -- Justin T. Gibbs =========================================== Software Developer - Walnut Creek CDROM FreeBSD: Turning PCs into workstations ===========================================
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199510201723.KAA09542>