environ problem in 3.8p1

Petr Ostadal postadal at suse.cz
Tue Mar 9 02:21:08 EST 2004


Is any safe way how to forward LANG and LC_* environ variables from client
to remote? I have problem with utf8<->not utf8 terminals ;(.

	Petr

On Mon, 8 Mar 2004, Darren Tucker wrote:

> John P. Rouillard wrote:
> > I would suggest not blanking "a couple of environment variables", but
> > passing only a the environment variables you need and
> > blanking/removing all the rest.
>
> At the moment, only specific environment variables are copied from the
> daemon's environment to the child's.  KRB5CCNAME is an odd case because
> on AIX it might be set by the auth process itself, and the issue is if
> it's set in root's environment but not overridden during the login process.
>
> > It's just safer since you never know
> > what variables could be used for an exploit later.
>
> The environment variables in question are those inherited from root's
> environment at daemon startup, users don't get to fiddle with them.
>
> --
> Darren Tucker (dtucker at zip.com.au)
> GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
>      Good judgement comes with experience. Unfortunately, the experience
> usually comes from bad judgement.
>
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
>




More information about the openssh-unix-dev mailing list