UNIX applications often use environment variables for customization, too.
Many well used UNIX applications, including LPR, xterm and eject, have been abused into giving up root through exploit of buffer overflow in suid regions of the code.