Dylan16807 parent
Relax, someone else already explained it without shouting.
At the time they hadn't and I'm fed up of the jumping to conclusions that env vars are the cause of any security issue. This is blaming poor code from poor devs on expert features from UNIX all to often.
Worrying when said person has authored a widely used security product(!). This is a bad trend in the industry that needs to stop.
> At the time they hadn't
Their comment was before yours.
if that's the comment you mean, it also misses the point
https://www.hackerneue.com/item?id=44355306
I'm talking about this comment. Are you talking about this comment? From what knowledge I have, it looks like a good explanation of the problem and why it's not an environment variable problem.