diff --git a/index.js b/index.js
index 9686aad..5ec0097 100644
--- a/index.js
+++ b/index.js
@@ -42,7 +42,7 @@ function InstallDots(o) {
 if (this.__destination[this.__destination.length-1] !== '/') this.__destination += '/';
 this.__global = o.global || "window.render";
 this.__rendermodule = o.rendermodule || {};
- this.__settings = o.templateSettings ? copy(o.templateSettings, copy(doT.templateSettings)) : undefined;
+ this.__settings = Object.prototype.hasOwnProperty.call(o,"templateSettings") ? copy(o.templateSettings, copy(doT.templateSettings)) : undefined;
 this.__includes = {};
 }
 
diff --git a/test/process.test.js b/test/process.test.js
new file mode 100644
index 0000000..c2ace5c
--- /dev/null
+++ b/test/process.test.js
@@ -0,0 +1,31 @@
+'use strict';
+
+var assert = require('assert');
+var doT = require('..');
+
+
+describe('doT.process', function() {
+ describe('polluting object prototype should not affect template compilation', function() {
+ it('should ignore varname on object prototype', function() {
+ var currentLog = console.log;
+ console.log = log;
+ var logged;
+
+ Object.prototype.templateSettings = {varname: 'it=(console.log("executed"),{})'};
+
+ try {
+ const templates = doT.process({path: './test'});
+ assert.notEqual(logged, 'executed');
+ // injected code can only be executed if undefined is passed to template function
+ templates.test();
+ assert.notEqual(logged, 'executed');
+ } finally {
+ console.log = currentLog;
+ }
+
+ function log(str) {
+ logged = str;
+ }
+ })
+ });
+});
diff --git a/test/test.dot b/test/test.dot
new file mode 100644
index 0000000..6fbf476
--- /dev/null
+++ b/test/test.dot
@@ -0,0 +1 @@
+{{=it && it.test}}
\ No newline at end of file
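Review bot: An own `templateSettings` that is explicitly `undefined` or `null` now takes the `copy(...)` branch on the changed `this.__settings` line, where the old truthiness test yielded `undefined`; what `copy` does with such a value is not visible here. Keeping both conditions preserves the old behaviour: `this.__settings = Object.prototype.hasOwnProperty.call(o, "templateSettings") && o.templateSettings ? copy(o.templateSettings, copy(doT.templateSettings)) : undefined;`. The context lines above still read `o.global` and `o.rendermodule` through the prototype chain, so a polluted `Object.prototype` can still supply those options; the same own-property check would fit there if those values reach generated code. The body of InstallDots starts outside the hunk.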
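Review bot: In test/process.test.js, `Object.prototype.templateSettings` is assigned before the `try` but never removed, so the polluted prototype stays in place for every test that runs later in the same process; add `delete Object.prototype.templateSettings;` to the `finally` block next to the `console.log` restore. The `log` stub also keeps only the last message, so an `'executed'` call followed by any other `console.log` call would go unnoticed. Collecting the messages in an array and asserting that none equals `'executed'` would make the check stricter.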