5.0 vs 5.1 remote command execution
Kaizaad Bilimorya
kaizaad at sharcnet.ca
Fri Dec 12 03:58:01 EST 2008
Hello,
I am experiencing some strange behaviour that I am hoping someone can
shed some light on.
OS and kernel:
Red Hat Enterprise Linux AS release 4 (Nahant Update 5)
Linux host135 2.6.9-67.9hp.7sp.XCsmp #1 SMP Thu Jul 3 18:55:59 EDT 2008 x86_64 x86_64 x86_64 GNU/Linux
Built both openssh-5.0p1 and openssh-5.1p1 with the following options:
./configure --prefix=/usr --libexecdir=/usr/libexec/openssh --localstatedir=/var/empty/sshd \
--sysconfdir=/etc/ssh --with-pam --with-md5-passwords --with-zlib=/home/XXX/software/zlib-1.2.3 \
--with-tcp-wrappers
With everything else being identical and just swapping the sshd binaries,
I noticed the following:
# ssh -v host135
debug1: match: OpenSSH_5.0 pat OpenSSH*
...snip
# ssh host135 'echo $PATH'
/opt/octave/current:/opt/mpiblast/current/bin:/opt/lammps/current/bin:/opt/dlpoly/current/execute:
...snip
# ssh -v host135
debug1: match: OpenSSH_5.1 pat OpenSSH*
...snip
# ssh host135 'echo $PATH'
/usr/bin:/bin:/usr/sbin:/sbin
According to the docs, the behaviour exhibited by v5.1 is correct: remote
command execution should not process the user's login shell and env. But
why was this happening in v5.0? I can't find anything in the 5.1 change
log that explains this change in behaviour.
thanks
-k