[PATCH] prevent users from changing their environment

Michael Tokarev mjt at tls.msk.ru
Fri Jul 26 07:23:11 EST 2002


Ben Lindstrom wrote:
> 
> Why are you using a restricted shell that is not staticly compiled?  That
> is asking for trouble.  I don't see why we need to apply this to work
> around an issue with an incorrect configuration you have decided to use.

Most if not all restricted shells relies on environment - i.e. $PATH
where to find executables, or something like $ALLOWED_COMMANDS.  Shell
itself will not allow to change environment, but it will use variables
passed to it (or read from .profile etc).  If a user allowed to modify
environment before entering restricted shell, this will not be restricted
shell anymore.  That to say - not only LD_PRELOAD etc for dynamically
linked shell is in trouble, but any other variables as well.

/mjt



More information about the openssh-unix-dev mailing list