>A class of security vulnerabilities has resurfaced in the dynamic loaders
>of FreeBSD, OpenBSD, and NetBSD in the sanitization of environment
>variables for suid and sgid binaries.

In Solaris we have long felt that the dynamic linker should not touch the environment; instead, the onus is on applications running setuid(0) and starting subprocesses to strip the appropriate environment variable (or better, set the environment to a sensible default).

Various bugs of this sort have been fixed in Solaris over the years, in the set-uid programs. It is just one of the things set-uid program writers need to be aware of.

As a number of set-uid applications start programs as the user later on, stripping such environment variables often has undesirable side-effects.

Casper
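
The approach described in the message above, where the set-uid program gives its subprocess a sensible default environment instead of relying on the dynamic linker, can be sketched as follows. This is an added example, not code from the original message or from Solaris; the allowlist, the default PATH and the names `allowed` and `build_clean_env` are assumptions.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>

extern char **environ;

/* Assumed policy: a fixed PATH, and only these names pass through. */
#define SAFE_PATH "PATH=/usr/bin:/bin"
#define MAX_ENV   8
#define MAX_VALUE 128
static const char *const keep[] = { "TERM", "TZ", "LANG", NULL };

/* 1 if entry is NAME=value with NAME on the allowlist and a short value. */
static int allowed(const char *entry)
{
    const char *eq = strchr(entry, '=');
    if (eq == NULL || eq == entry || strlen(eq + 1) > MAX_VALUE)
        return 0;
    size_t len = (size_t)(eq - entry);
    for (size_t i = 0; keep[i] != NULL; i++)
        if (strlen(keep[i]) == len && strncmp(entry, keep[i], len) == 0)
            return 1;
    return 0;
}

/* Build a NULL-terminated environment in out[] (cap >= 2 slots): the
 * default PATH first, then allowlisted entries from in[]. Everything
 * else, LD_* loader variables included, is dropped. Returns the count. */
static size_t build_clean_env(char *const in[], const char *out[], size_t cap)
{
    size_t n = 0;
    out[n++] = SAFE_PATH;
    for (size_t i = 0; in != NULL && in[i] != NULL && n + 1 < cap; i++)
        if (allowed(in[i]))
            out[n++] = in[i];
    out[n] = NULL;
    return n;
}

int main(int argc, char *argv[])
{
    const char *clean[MAX_ENV];
    if (argc < 2) {
        fprintf(stderr, "usage: %s /path/to/program [args]\n", argv[0]);
        return 2;
    }
    build_clean_env(environ, clean, MAX_ENV);
    execve(argv[1], &argv[1], (char *const *)clean); /* no inherited env */
    perror("execve");
    return 127;
}
```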