[PATCH] prevent users from changing their environment
Andrew Bartlett
abartlet at samba.org
Mon Jul 29 18:39:51 EST 2002
Markus Friedl wrote:
>
> hm, sshd already suffers from far too many options.
And too many features like ssh/environment in the first place.

My worry is that people do need restricted shell setups, and most
(myself included, it seems) stuff it up. Basically, OpenSSH makes it
impossible to construct a restricted shell as a standalone component.

It would be really good if doing this 'right' was easier - the current
situation just means that people *think* they have done something that
they haven't actually done. The same applies to the (related) SFTP
question.

> is making $HOME/.ssh unwriteable not an option?
For my server, this is certainly not something I can change.

How is this for an idea:

There was a similar issue I raised a year ago - .ssh/rc was being
executed by SSH directly - now it uses the user's shell to exec /bin/sh
to run the file.

Could we do the same here? Is there some way we can pass the environment
variables to the user's shell so it can set them?

I was thinking that you could '$SHELL -c "cat .ssh/environment"' or
similar (which would fail on a restricted shell) to ensure that the
restricted shell is honored. (But there must be a better way...)

Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
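
An audit for the exposure discussed above, as an added example that is not part of the original message or of OpenSSH: it lists accounts with a restricted login shell that already have a .ssh/environment file or whose ~/.ssh is writable. The function name audit_ssh_env, the restricted-shell list and the finding labels are assumptions.

```shell
#!/bin/sh
# Added example (not from the original message). Flags accounts with a
# restricted login shell that have, or could create, ~/.ssh/environment.
# Assumptions: passwd(5)-format input, and this site-specific list of
# shell basenames that count as "restricted".
RESTRICTED_SHELLS="rbash rksh rzsh"

# audit_ssh_env PASSWD_FILE [ROOT_PREFIX]
# Prints "<user> <finding> <path>" per issue. ROOT_PREFIX lets the check
# run against a mounted image or a test tree instead of /.
audit_ssh_env() {
    passwd_file=$1
    root=${2:-}
    while IFS=: read -r user pw uid gid gecos home shell; do
        [ -n "$home" ] || continue
        # Only accounts whose login shell is in the restricted list.
        case " $RESTRICTED_SHELLS " in
            *" ${shell##*/} "*) ;;
            *) continue ;;
        esac
        sshdir="$root$home/.ssh"
        # An existing file is what sshd would read at login.
        if [ -e "$sshdir/environment" ]; then
            echo "$user environment-file-present $sshdir/environment"
        fi
        # Any write bit on ~/.ssh means the file can be created later
        # (the owner bit matters when the account owns the directory).
        if [ -d "$sshdir" ]; then
            perms=$(ls -ldL "$sshdir")
            case $perms in
                d?w*|d????w*|d???????w*)
                    echo "$user ssh-dir-writable $sshdir" ;;
            esac
        fi
    done < "$passwd_file"
}

# Run against the given passwd file when called with arguments.
[ "$#" -eq 0 ] || audit_ssh_env "$@"
```

Current OpenSSH reads ~/.ssh/environment only when PermitUserEnvironment is enabled in sshd_config, so check that setting first on a modern server.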