[Bug 1346] PAM environment takes precedence over SendEnv

Sun Dec 14 00:04:36 EST 2008

https://bugzilla.mindrot.org/show_bug.cgi?id=1346

--- Comment #13 from Jean-Christophe Dubacq <jcdubacq1 at free.fr>  2008-12-14 00:04:35 ---
'little standardisation'? locales ought to be la_CO[@variant].charset ;
with la and CO being ISO639 and ISO3166. The availability of a locale
on a given system is not guaranteed; however, ti is very usual to
install in some country the locale for this country's main language in
both charsets (old 8-bit and UTF-8, really).

pam_environment is perceived more as a default setting than a mandatory
one. And the fact that AcceptEnv is set by admin _and_ that the list of
accepted variables is a closed list should be enough to convince you
that AcceptEnv variables will not override _mandatory_ variables that
should be set by the admin only, never to be overriden: the admin would
simply remove these variables from the AcceptEnv list. List that, by
the way, on all linux systems I know (several distributions), contains
by default only... LANG and LC_* (when enabled).

Getting around this bug by using another variable is really not a good
way. Many shells have different initialization paths (even for the same
shell: login and not login shells). pam_environment is the way to set
sane defaults; sshd should override the user-specified variables.

Maybe there should be an option to set, so that the admin can choose
whether pam should come first or not. I can code that.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.