Path: utzoo!mnetor!uunet!husc6!bbn!bbn.com!rsalz
From: rsalz@bbn.com (Rich Salz)
Newsgroups: comp.bugs.sys5
Subject: Re: A security hole
Message-ID: <544@fig.bbn.com>
Date: 23 Mar 88 16:19:46 GMT
References: <181@wsccs.UUCP> <722@rivm05.UUCP> <478@minya.UUCP> <892@cosmo.UUCP> <175@pcsbst.UUCP>
Organization: BBN Laboratories, Cambridge MA
Lines: 8

Every single program that is subject to the "IFS" trick can be
protected by written a wrapper that sets the environment properly,
then calls the real program.  If you put all these programs in
one common directory, then you can have one front-end which has
hardlinks all over the place, and a simple exec based on argv[0].
	/r$
-- 
Please send comp.sources.unix-related mail to rsalz@uunet.uu.net.