Simon Tatham wrote:
If I haven't misunderstood anything, then perhaps an alternative wording might be: | Uncontrolled setting of environment variables in a privileged | process can be a security hazard, so it is recommended that | implementations either maintain a list of allowable variable names, | or do not actually set the variables until after the server process | has dropped its privileges.
I think that wording is much more appropriate, since it actually describes the problem as well as giving solutions. -- Darren J Moffat