> A better solution is to smash the _entire_ environment flat, except for > specific ones, such as TZ, that can be reasonably assumed to be safe (I > hope - anyone broken into a system with the TZ variable? :-) I'm not even sure this is sufficient. This only works if LD_LIBRARY_PATH is not consulted until after you squash the environment. Is this true? (If not, you'd have to write a statically linked program to squash the environment and then exec() the real executable...) ...Robert