Re: Environment variables (SECURITY: too many new packages)

[ejb () CYBERSPACE ORG (Edward John Brocklesby)]

Hi,

> will I assume be issuing identical updates) might like to take a look
> at how their own OS handles pointing the following at files only root
> can read and running setuid apps. (or setgid usage in some cases such as
> Mutt)

On NetBSD, and perhaps other OS's, the file ~/.termcap is also checked,
so ln -s /etc/master.passwd ~/.termcap could get the root password
(I haven't tested this myself)

        -ejb