Douglas Siebert says: >There are two ways I know of to protect against this attack until SGI has a >patch ready. One would be to write a wrapper that removes "dangerous" >environment variables. Obviously, figuring out which ones are dangerous is >the trick! Certainly anything that starts LD_ or _RLD should be removed. But >there may always be others you don't know about. There are a profusion of various *LD* environment variables to watch out for on each different platform, along with other similar dodgy vars; every time a vendor comes out with a major release, a new LD_whatever var seems to be created. :( I think a little firewall philosophy should be used here, namely deny unless explicitly permitted. Anyway, most env vars are not portable across a network, unless you've got a pretty homogenous lan; for example, in my environment I've got XMBINDDIR, XUSERFILESEARCHPATH, ftp_proxy, http_proxy, XAPPLRESDIR, XBMLANGPATH, PGPPATH, PATH and OSTYPE. If all these env vars suddenly got propagated to, for example, my login at my old university, most of them would be useless, or even disruptive in their effects. The env vars that spring to mind as being useful accross a network are: TZ, DISPLAY and TERM. Of course, to allow future enhancements, this should be a configurable option for the telnetd. Opinions? --j.