mailing list archives
Re: a point is being missed
From: casper () Holland Sun COM (Casper Dik)
Date: Sat, 4 Nov 1995 19:51:39 +0100
Why in all this telnetd flap has nobody mentioned that /bin/login should
be relinked STATICALLY? That at least defers the LD_* class of problem
until after login has done the setuid and exec, but still leaves things
like IFS passed to scripts.
Unfortunately, we can't do that.
Too much *requires* static dynamic linking, and in future even more
will be required. (Pluggable Authentication Modules)
BTW, login does filter other bad variables such as PATH, IFS and SHELL.
- Re: Telnet attack on SGI, (continued)