[Bug 1800] PermitUserEnvironment accepting pattern of allowed userenv variables
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Sat Oct 29 12:50:20 EST 2011
https://bugzilla.mindrot.org/show_bug.cgi?id=1800
--- Comment #11 from Daniel Allen <dada.da+mindrot at gmail.com> 2011-10-29 12:50:20 EST ---
(In reply to comment #10)
> The patch looks okay, but I'm a little reticent to add a method to
> control environment variables that doesn't look like any of the other
> ACL mechanisms that we use. Perhaps this should use
> match_pattern_list() (match.[ch]) to test environment variables when
> PermitUserEnvironment!=yes instead of a simple substring?
Oh! match_pattern_list() sounds like a much more robust solution.
I'll see if I can code something up soon. I have two big deadlines in
the next two weeks but I hope to have something to review soon.
Thanks, Daniel
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list