Steve Lawrence wrote: > Looks like the environment contained in /etc/default/init is > read and set > by startd and init. Since zlogin'ed processes are not child > of startd or init > in the zone, they do not have these environment settings. > > Given brands, to fix this, we would need to add a hook that > asks the zone: > > Please fetch me the default login environment.
And hope that the zone adminstrator hasn't figured out a way to violate security constraints by setting malicious variables in that default login environment... Such as a specially-corrupted termcap (pushing data to the global-zone xterm, for example), or a locale with similar "features" > > It would be similar to the hook that we currently have for > fetching the > passwd entry for a given user. passwd entries are fairly easy to validate. Arbitrary environment variables should not be accepted from an untrusted source. --Joe _______________________________________________ zones-discuss mailing list [email protected]
