From: Bernd Lehle <Bernd.Lehle@RUS.Uni-Stuttgart.DE> after all the fuzz about the telnet/shared lib stuff somebody here came up with something that might be even more interesting: What woul hapen in the following case: . This game could be played with any suid program, where You know what routines it calls. Or am I missing something ? You're missing something. The dynamic linker won't pay attention to the LD_-whatever environment variables if a program is set-uid: (real and effective UIDs different). This is a problem with /bin/login only because it runs as "root" withOUT being set-uid; real and effective UIDs are the same.