Christian Kujau wrote:
An "attacker" can set $PATH to /tmp and do stuff too.
Sure, but that's well-known and standardized and it's easy (and expected) for administrative applications to sanitize PATH. The problem comes when we have lots of mysterious little environment variables any of which can wreak havoc.
