I've been conducting a survey regarding process environment creation/inheritance in a unix environment. The intent of the report was to survey programs that start other programs, like sudo, xinetd, apache and stunnel, and gauge how well they insulate the child program from a privileged parent. The report reviews: process credentials, signal masks, current working directories, choices for standard descriptors, rlimits, posix capabilities, environmental variables, and leaked file descriptors. It also goes over some basic recommendations for developers to avoid the problems found.

It turns out that there are many problems across many vendors. For example, one of the things I discovered is that if you are root and restart any daemon, you will leak root's environmental variables into the newly started daemon. There may or may not be things in root's environmental variables that the admin would be surprised a child running as nobody has in its environment. The remedy is to use env -i in front of the command. However, I think the init scripts might want to have this on the daemon start line. There are few daemons I can think of that depend on an environment.

Another finding that needs attention is apache 2.x. It turns out that it leaks 2 open descriptors for each website on a machine. These open descriptors go to the access and error log of each website. cgi-bin programs can poison the logs of other sites on the same machine, place malicious content for log analysis programs, delete the access log via ftruncate, see what pages are being accessed on neighboring sites, or read anything dumped into the error logs of neighboring websites.

The worst offenders in this report were apache 2.x, php 4.2, stunnel, pppd, gdb, logrotate, xinetd, atd, anacron, su, and sudo. The above order ranks my estimation of severity from "worst" to "minor problem", too. Some projects do not want to make changes, like su, and other projects have already published fixes, like stunnel.
The rest, I assume, have something in the pipeline. I have contacted all the projects that I can find. But for some I don't know who wrote them or how to get in touch. rpm -qi doesn't report authors anymore. I think atd (the "at" daemon) is one of those. The env_audit program has been around for a couple of years, so I assume anyone with some curiosity already knows everything in the report.
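The two leak classes the post describes (a privileged parent's environment and its open log descriptors reaching a child) can be checked from the child's side. The following is an added example, not env_audit and not the poster's code: a constructed probe run as a child, first the way a careless parent would start it and then with the `env -i` plus close-descriptors discipline the post recommends. It assumes Python 3 on a POSIX system and only scans descriptors 3 through 255.

```python
import os
import subprocess
import sys
import tempfile

# Child-side probe, constructed for this example: report every inherited
# descriptor above stderr and the names in the inherited environment.
PROBE = """
import os
open_fds = []
for fd in range(3, 256):
    try:
        os.fstat(fd)          # succeeds only if fd is open in this process
        open_fds.append(str(fd))
    except OSError:
        pass
print(" ".join(open_fds))
print(" ".join(sorted(os.environ)))
"""


def spawn_probe(hardened):
    """Start the probe the way a privileged parent starts a child while it
    holds a log file open. Returns (log_fd, leaked_fds, child_env_names)."""
    log = tempfile.TemporaryFile()           # stands in for the parent's log
    log_fd = log.fileno()
    os.set_inheritable(log_fd, True)         # classic daemons leave fds inheritable
    try:
        if hardened:
            # Equivalent of 'env -i' on the start line plus closing every
            # descriptor except stdin/stdout/stderr before exec.
            env, close_fds = {"PATH": os.defpath}, True
        else:
            # Parent's full environment plus a constructed sensitive value,
            # and no descriptor cleanup at all.
            env, close_fds = dict(os.environ, SECRET_TOKEN="constructed"), False
        out = subprocess.run([sys.executable, "-c", PROBE], env=env,
                             close_fds=close_fds, capture_output=True,
                             text=True, check=True).stdout
    finally:
        log.close()
    fd_line, env_line = out.split("\n")[:2]
    return log_fd, [int(x) for x in fd_line.split()], env_line.split()


if __name__ == "__main__":
    for mode in (False, True):
        log_fd, leaked, names = spawn_probe(hardened=mode)
        print(f"hardened={mode}: log fd {log_fd} inherited={log_fd in leaked}, "
              f"open fds={leaked}, SECRET_TOKEN visible={'SECRET_TOKEN' in names}")
```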