What risk is X11Forward to a server?

[Bob Proulx]

> > > How do you change the compiled-in PATH that sshd uses by default?
> > 
> > I don't think it is currently possible.  That is one thing that I have
> > really needed/wanted with ssh.  The ability to set the PATH in the
> > site sshd_config file.
> 
> RTFM:
> configure --with-default-path=xxx

But you cut off the part where I said:

> Which means I always need to recompile with a that path addition in
> order to make it compatible with rsh on our systems.

Which perhaps was not obviously stated as such but I assumed that you
would realize that when I recompile with a system dependent path that
meant configure --with-default-path since that is the most direct way
to recompile using a system dependent path.  I wasn't asking how to do
it.  I was _whining_ that I had to do it at all and couldn't configure
it in sshd_config at startup time instead.

Please RTFM yourself.  In this case the 'M' means my mail message!
:-) :-)

> You can also change it on a user-by-user basis though ~/.ssh/environment

This is not so good and does not work very well in practice.  Let's
say there are utilities installed in some non /usr/bin location.
Normally on a system one would make sure /etc/profile et al sets up
the user's PATH to find those.  Yes a user can freeze any given path
in their dot environment file.  But if updates are made then those
files all become stale.  And you also have to educate a whole user
base about the need to do it at all.  It would be nicer if the user
could be kept blissfully ignorant of the details and have it handled
by the system for everybody all at once.

This is not such a big thing.  I have been building and installing one
version or another ssh for years.  And adapting this every time.  But
it would still be nice.

Bob