Why is this still a blacklist instead of a whitelist? There are many more environment variables in glibc that might result in undefined behavior or worse.
Stuffing all the things into the environment of unsuspecting processes is one of those vulns that keeps on giving.
Why is this still a blacklist instead of a whitelist? There are many more environment variables in glibc that might result in undefined behavior or worse.
Stuffing all the things into the environment of unsuspecting processes is one of those vulns that keeps on giving.