libstd: Add non-Rust synchronization warnings for setenv()

See:
https://sourceware.org/bugzilla/show_bug.cgi?id=4887#c9
https://bugs.freedesktop.org/show_bug.cgi?id=65681

I just noticed this while talking to someone who was using
`os.environ['FOO'] = 'BAR'` in Python and since I'm learning Rust, I
was curious if it did anything special here.  It looks like Rust has
an internal mutex, which helps for apps that are pure Rust, but it
will be an evil trap for someone later adding in native code (apps
like Servo and games will be at risk).

Java got this right by disallowing `setenv()` from the start.

I suggest Rust program authors only use `setenv()` early in main.

Author: cgwalters

src/libstd/env.rs

@@ -243,6 +243,14 @@ impl Error for VarError {
 /// Sets the environment variable `k` to the value `v` for the currently running
 /// process.
 ///
+/// Note that while concurrent access to environment variables is safe in Rust,
+/// some platforms only expose inherently unsafe non-threadsafe APIs for
+/// inspecting the environment. As a result extra care needs to be taken when
+/// auditing calls to unsafe external FFI functions to ensure that any
+/// environment accesses are properly synchronized with accesses in Rust.
+///
+/// Open Group bug: http://austingroupbugs.net/view.php?id=188
+///
 /// # Examples
 ///
 /// ```
@@ -260,6 +268,14 @@ pub fn set_var<K: AsRef<OsStr>, V: AsRef<OsStr>>(k: K, v: V) {
 
 /// Removes an environment variable from the environment of the currently running process.
 ///
+/// Note that while concurrent access to environment variables is safe in Rust,
+/// some platforms only expose inherently unsafe non-threadsafe APIs for
+/// inspecting the environment. As a result extra care needs to be taken when
+/// auditing calls to unsafe external FFI functions to ensure that any
+/// environment accesses are properly synchronized with accesses in Rust.
+///
+/// Open Group bug: http://austingroupbugs.net/view.php?id=188
+///
 /// # Examples
 ///
 /// ```