> About in.telnetd I don't know much, except that it's
> environment isn't inherited from the telnet client
> program, which can't write in /etc/tmp...
Well, environment is passed using special protocal. How much of it is
used depends on in.telned version. Look:
pavel@Elf:~$ export DISPLAY=asdfgh
pavel@Elf:~$ telnet localhost
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Linux 2.1.72 (Elf.mj.gts.cz) (ttyp0)
Elf login: pavel
Password:
Last login: Tue Dec 16 09:08:08 on ttyp0 from localhost.
TERM=linux
Swipple's Rule of Order:
He who shouts the loudest has the floor.
pavel@Elf:~$ echo $DISPLAY
asdfgh
pavel@Elf:~$
And what about suid programs?
TMP=/etc ping localhost?
Ok, ping will not use $TMP, but X for sure will?
No, no, this is not secure.
Pavel
-- I'm really pavel@atrey.karlin.mff.cuni.cz. Pavel Look at http://atrey.karlin.mff.cuni.cz/~pavel/ ;-).