diff --git a/externals/kyuubi-spark-sql-engine/src/test/scala/org/apache/kyuubi/engine/spark/operation/SparkOperationSuite.scala b/externals/kyuubi-spark-sql-engine/src/test/scala/org/apache/kyuubi/engine/spark/operation/SparkOperationSuite.scala
index e86cf9770..5582e7dc0 100644
--- a/externals/kyuubi-spark-sql-engine/src/test/scala/org/apache/kyuubi/engine/spark/operation/SparkOperationSuite.scala
+++ b/externals/kyuubi-spark-sql-engine/src/test/scala/org/apache/kyuubi/engine/spark/operation/SparkOperationSuite.scala
@@ -654,6 +654,21 @@ class SparkOperationSuite extends WithSparkSQLEngine with JDBCTests {
     }
   }
 
+  test("env:* variables can not be set") {
+    withThriftClient { client =>
+      val req = new TOpenSessionReq()
+      req.setUsername("chengpan")
+      req.setPassword("123")
+      val conf = Map(
+        "set:env:ABC" -> "xyz")
+      req.setConfiguration(conf.asJava)
+      val tOpenSessionResp = client.OpenSession(req)
+      val status = tOpenSessionResp.getStatus
+      assert(status.getStatusCode === TStatusCode.ERROR_STATUS)
+      assert(status.getErrorMessage contains s"env:* variables can not be set")
+    }
+  }
+
   test("test variable substitution") {
     withThriftClient { client =>
       val req = new TOpenSessionReq()
diff --git a/kyuubi-common/src/main/scala/org/apache/kyuubi/session/SessionManager.scala b/kyuubi-common/src/main/scala/org/apache/kyuubi/session/SessionManager.scala
index c88de0548..6fbd80d26 100644
--- a/kyuubi-common/src/main/scala/org/apache/kyuubi/session/SessionManager.scala
+++ b/kyuubi-common/src/main/scala/org/apache/kyuubi/session/SessionManager.scala
@@ -104,7 +104,9 @@ abstract class SessionManager(name: String) extends CompositeService(name) {
   def validateKey(key: String, value: String): Option[(String, String)] = {
     val normalizedKey = if (key.startsWith(SET_PREFIX)) {
       val newKey = key.substring(SET_PREFIX.length)
-      if (newKey.startsWith(SYSTEM_PREFIX)) {
+      if (newKey.startsWith(ENV_PREFIX)) {
+        throw KyuubiSQLException(s"$key is forbidden, env:* variables can not be set.")
+      } else if (newKey.startsWith(SYSTEM_PREFIX)) {
         newKey.substring(SYSTEM_PREFIX.length)
       } else if (newKey.startsWith(HIVECONF_PREFIX)) {
         newKey.substring(HIVECONF_PREFIX.length)