Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!csd4.milw.wisc.edu!nic.MR.NET!hal!ncoast!allbery
From: allbery@ncoast.ORG (Brandon S. Allbery)
Newsgroups: comp.unix.wizards
Subject: Re: TIOCSTI (was Terminals are ridiculously insecure)
Message-ID: <13369@ncoast.ORG>
Date: 29 Jan 89 17:27:50 GMT
References: <18176@adm.BRL.MIL>
Reply-To: allbery@ncoast.UUCP (Brandon S. Allbery)
Followup-To: comp.unix.wizards
Organization: Cleveland Public Access UN*X, Cleveland, Oh
Lines: 33

As quoted from <18176@adm.BRL.MIL> by rbj@nav.icst.nbs.gov (Root Boy Jim):
+---------------
| I agree that its very existence is a security *concern*, but I can see
| a few uses for it. How many times have users asked the questions: "How
| can a process change the {environment,working directory} of the parent?"
| This might be a good thing to do occasionally; one use would be to avoid
| the cortortions of eval'ing the output of tset.
+---------------

*gag* It's bad enough that tset has to vary its output based on my login
shell.

My idea of a (future) solution:  widen the exit code to an exit environment.
This would NOT be identical to the environment that's passed in, but instead
would allow a program to provide multiple exit values.  For compatibility,
exit(n) would return an exit environment containing "EXITCODE=n" and nothing
else.  A program could use setxenv() to stuff other values into the exit
environment, such as "TERM=footerm".  A new wait() call (waitenv()) would
take a pointer and buffer length as an argument and fill the area pointed to
with as much of the xenv as will fit.  I would *not* have shells
automatically place the xenv in the environment, I would probably add a
command "import" to /bin/k?sh and "getxenv" to csh to transfer variables
into internal (NOT environment) variables and let scripts handle it from
there.  (No, $foo-type ings would NOT work.  $ is overloaded enough already,
especially in csh where it has to refer to either of two completely
different namespaces.)

++Brandon
-- 
Brandon S. Allbery, moderator of comp.sources.misc	     allbery@ncoast.org
uunet!hal.cwru.edu!ncoast!allbery		    ncoast!allbery@hal.cwru.edu
      Send comp.sources.misc submissions to comp-sources-misc@<backbone>
NCoast Public Access UN*X - (216) 781-6201, 300/1200/2400 baud, login: makeuser