> A better solution is to smash the _entire_ environment flat, except for
> specific ones, such as TZ, that can be reasonably assumed to be safe (I
> hope - anyone broken into a system with the TZ variable? :-)

What is the best way to do this? I have seen several different methods and
was interested in the most effective one. This will definitely be a
recurring issue, as the past has shown.

> ObBugDetectingHint: (I thought this to be obvious, but I've mentioned it
> to a few people who hadn't realised it, so may as well send it on)
>
> You can get an idea for whether a program is doing something stupid like a
> system() or popen() with 'strings'. For example, something like
>
>     /bin/mail %s
>
> is usually a bit of a giveaway that someone is doing something stupid, and
> you might be able to break it.

I just wanted to add that Ultrix binaries are really helpful in that
'strings' reports which parts of the standard library are used. For
example:

    wonker% strings /usr/bin/mail | egrep 'system|popen'
    (...)
    @(#)popen.c
    @(#)system.c

> (bonus points if you can spot the program that the above is from :-)

Expreserve (boy what a memory :-)

-Nate
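As an added example (not code from the message above or from anything it quotes), here is one way to "smash the environment flat" from C: build a brand-new environment array that contains only a small allow-list of variables copied from the caller (here just TZ, and only if its value passes a conservative check), plus PATH and IFS set to fixed values, and hand that array to execve() instead of calling system() or popen(), which start /bin/sh with the inherited environment untouched. The allow-list, the fixed values and the value check are assumptions of this example, not something the thread specifies.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

extern char **environ;

/* Hypothetical allow-list: variables copied from the caller's environment
 * if (and only if) their value passes value_is_sane(). */
static const char *const keep_vars[] = { "TZ", NULL };

/* Variables the program always sets itself, whatever the caller supplied.
 * PATH and IFS are the classic ones a /bin/sh child would otherwise inherit. */
static const char *const fixed_vars[] = {
    "PATH=/bin:/usr/bin",
    "IFS= \t\n",
    NULL
};

/* Free an array produced by sanitize_env(). */
void free_env(char **env)
{
    if (!env) return;
    for (size_t i = 0; env[i]; i++) free(env[i]);
    free(env);
}

/* malloc'd copy of s (a strdup that needs no feature-test macro). */
static char *dup_str(const char *s)
{
    size_t n = strlen(s) + 1;
    char *p = malloc(n);
    if (p) memcpy(p, s, n);
    return p;
}

/* Conservative value check for allow-listed variables (an assumption of this
 * example): short, printable ASCII, and no '/' so a value cannot name a file. */
static int value_is_sane(const char *val)
{
    if (strlen(val) > 64) return 0;
    for (; *val; val++)
        if (*val < 0x20 || *val > 0x7e || *val == '/') return 0;
    return 1;
}

/* Look up NAME in a NULL-terminated "NAME=value" array; NULL if absent. */
const char *env_lookup(char *const *env, const char *name)
{
    size_t len = strlen(name);
    for (size_t i = 0; env && env[i]; i++)
        if (strncmp(env[i], name, len) == 0 && env[i][len] == '=')
            return env[i] + len + 1;
    return NULL;
}

/* Number of entries in a NULL-terminated environment array. */
size_t env_count(char *const *env)
{
    size_t n = 0;
    while (env && env[n]) n++;
    return n;
}

/* Build a fresh environment from `in`: fixed_vars first, then the first
 * sane occurrence of each allow-listed variable. Everything else (IFS,
 * LD_PRELOAD, HOME, ...) is dropped. Caller frees with free_env(). */
char **sanitize_env(char *const *in)
{
    size_t nkeep = 0, nfixed = 0, n = 0;
    while (keep_vars[nkeep]) nkeep++;
    while (fixed_vars[nfixed]) nfixed++;

    char **out = calloc(nkeep + nfixed + 1, sizeof *out);
    if (!out) return NULL;

    for (size_t i = 0; i < nfixed; i++)
        if (!(out[n++] = dup_str(fixed_vars[i]))) goto fail;

    for (size_t k = 0; k < nkeep; k++) {
        size_t len = strlen(keep_vars[k]);
        for (size_t i = 0; in && in[i]; i++) {
            if (strncmp(in[i], keep_vars[k], len) == 0 && in[i][len] == '=' &&
                value_is_sane(in[i] + len + 1)) {
                if (!(out[n++] = dup_str(in[i]))) goto fail;
                break;          /* first occurrence wins; duplicates are dropped */
            }
        }
    }
    out[n] = NULL;
    return out;
fail:
    free_env(out);              /* the failed slot is NULL, so free_env stops there */
    return NULL;
}

int main(void)
{
    /* Sanitize the real environment and print what a child would now see.
     * A privileged program would pass `clean` to execve() rather than
     * calling system()/popen(), which hand environ to /bin/sh unchanged. */
    char **clean = sanitize_env(environ);
    if (!clean) return 1;
    for (size_t i = 0; clean[i]; i++) puts(clean[i]);
    free_env(clean);
    return 0;
}
```

Running it as `env LD_PRELOAD=/tmp/x.so IFS=/ TZ=UTC ./a.out` prints only the fixed PATH and IFS lines and TZ=UTC; the LD_PRELOAD and hostile IFS never reach the new array. Whether TZ belongs on the allow-list at all, and how strict the value check should be, is exactly the judgement call the quoted text raises; the check here is deliberately on the strict side.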