> when rc is invoked, rc reconstructs shell variable and shell functions using
> files in /env/.
> in case of shell functions, rc evaluates whole data in the file.
> this feature makes problem if the content is
> fn foo {…}; maliciouscommandHow would a malicious agent put something into /env? If it's possible, how is this different from putting something into $home/bin/rc or binding something into /rc/bin ?
