Re: Environment Poisoning and login -p

From: Andrey Chernov (ache_at_nagual.pp.ru)
Date: 02/27/04

  • Next message: D J Hawkey Jr: "Re: Environment Poisoning and login -p"
    Date: Fri, 27 Feb 2004 14:27:00 +0300
    To: D J Hawkey Jr <hawkeyd@visi.com>
    
    

    On Fri, Feb 27, 2004 at 05:13:53AM -0600, D J Hawkey Jr wrote:
    > > Instead, I've decided to follow Jacques Vidrine's
    > > suggestion of using a whitelist of environment variables
    > > that are "known-safe."
    >
    > Coming in from left field... Will there be some sort of mechanism for
    > an admin to set/modify this list?

    I agree we'll need it (because of different assumptions). Something like
    /etc/safe_environment file.

    -- 
    Andrey Chernov | http://ache.pp.ru/
    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
    

  • Next message: D J Hawkey Jr: "Re: Environment Poisoning and login -p"

    Relevant Pages

    • Re: Environment Poisoning and login -p
      ... I've decided to follow Jacques Vidrine's ... > suggestion of using a whitelist of environment variables ... To unsubscribe, ...
      (FreeBSD-Security)
    • Re: Environment Poisoning and login -p
      ... I've decided to follow Jacques Vidrine's ... >> suggestion of using a whitelist of environment variables ... Hey, out there - is it *you* reading me, or is it someone else? ...
      (FreeBSD-Security)
    • Re: Environment Poisoning and login -p
      ... Andrey Chernov wrote: ... I've decided to follow Jacques Vidrine's ... suggestion of using a whitelist of environment variables ...
      (FreeBSD-Security)
    • Re: HLA v1.93 is now available
      ... solve the problem of long command lines than having to set up ... environment variables, ... I'm quite negative on your suggestion of makefiles as a "one ...
      (alt.lang.asm)
    • Re: Capture whats being passed to a KSH interpreter
      ... > Thank you very much for this suggestion which of course is correct. ... > -env designates environment variables for that run. ... How on earth it ...
      (comp.unix.shell)