[PATCH] forwarding environment vars ala RFC2026

Joachim Falk joachim.falk at gmx.de
Wed Jun 5 19:55:02 EST 2002


On Wed, 5 Jun 2002, Markus Friedl wrote:

> how is this related to RFC2026?
>
Red Face time.

You are right i have looked only for a RFC number in the
draft-ietf-secsh-connect-15.txt. The environment forwarding
is specified in this draft. Relevant sections included.

[DRAFT snippet]
Network Working Group                                          T. Ylonen
Internet-Draft                                                T. Kivinen
Expires: August 1, 2002                 SSH Communications Security Corp
                                                             M. Saarinen
                                                 University of Jyvaskyla
                                                                T. Rinne
                                                             S. Lehtinen
                                        SSH Communications Security Corp
                                                        January 31, 2002

                        SSH Connection Protocol
                    draft-ietf-secsh-connect-15.txt

Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.

[snipped much text]

4.4 Environment Variable Passing

   Environment variables may be passed to the shell/command to be
   started later.  Uncontrolled setting of environment variables in a
   privileged process can be a security hazard.  It is recommended that
   implementations either maintain a list of allowable variable names or
   only set environment variables after the server process has dropped
   sufficient privileges.

     byte      SSH_MSG_CHANNEL_REQUEST
     uint32    recipient channel
     string    "env"
     boolean   want reply
     string    variable name
     string    variable value

[snipped much text]
[END DRAFT]

Best Regards
Joachim Falk

-- 




More information about the openssh-unix-dev mailing list