Gentoo has reported this issue via vendor-sec on 2004-10-05
Libsasl honors the environment variable SASL_PATH blindly, allowing a
local user to compile a "library" locally that is executed with the
EID of SASL when anything calls libsasl.
*** This bug has been marked as a duplicate of 134657 ***
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.