[Bug 1346] PAM environment takes precedence over SendEnv
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Sat Dec 13 21:52:15 EST 2008
https://bugzilla.mindrot.org/show_bug.cgi?id=1346
--- Comment #12 from Damien Miller <djm at mindrot.org> 2008-12-13 21:52:13 ---
If locale-related environment variables were all that were handled by
SendEnv/PAM then there would be no argument - we would happily allow
SendEnv to take precedence. Unfortunately this is not the case and I
generally think that env variables specified by a security subsystem
(e.g. PAM) should "win". Given that an administrator must explicitly
enable AcceptEnv anyway, this doesn't seem too unreasonable.
As a workaround, you can "rename" the locale variables at the client.
E.g. by placing SSH_LANG=$LANG in your environment and SendEnv'ing
SSH_LANG instead of LANG. At the sshd end, your shell initialisation
can look for SSH_LANG and, if it is present, apply it - potentially
overriding anything set by the admin.
Finally, if I understand correctly, there is little standardisation of
the contents of LANG and LC_* so sending anything in them is bound to
be fragile.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list