bugzilla-daemon at mindrot.org
2004-Mar-21 00:00 UTC
[Bug 815] RFE: sshd should be able to set environment variables defined by the client
http://bugzilla.mindrot.org/show_bug.cgi?id=815 Summary: RFE: sshd should be able to set environment variables defined by the client Product: Portable OpenSSH Version: 3.8p1 Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy: roland.mainz at nrubsig.org RFE: sshd should be able to set environment variables defined by the client, e.g. it should be possible that the user defines a value of an environment variable as part of the "ssh" command-line arguments and "sshd" then sets that environment variable for the application to execute. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-Mar-21 07:46 UTC
[Bug 815] RFE: sshd should be able to set environment variables defined by the client
http://bugzilla.mindrot.org/show_bug.cgi?id=815 ------- Additional Comments From djm at mindrot.org 2004-03-21 18:46 ------- If we implement this, we will probably only do it for a couple of environment variables (LANG and maybe LC_*) as passing arbitrary environment variables provides new opportunities for a user to break out of restricted shell. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-Mar-21 13:28 UTC
[Bug 815] RFE: sshd should be able to set environment variables defined by the client
http://bugzilla.mindrot.org/show_bug.cgi?id=815 ------- Additional Comments From roland.mainz at nrubsig.org 2004-03-22 00:28 ------- Damien Miller wrote:> If we implement this, we will probably only do it for a couple of environment > variables (LANG and maybe LC_*) as passing arbitrary environment variables > provides new opportunities for a user to break out of restricted shell.Good idea. I suggest to add support for filtering name=value pairs via extended regex pattern - one "accept" pattern and one "reject" pattern. Anything which matches the "accept" pattern and doesn't match the "reject" pattern should be accepted. accecpt_pattern should look like this ("match all" for now): ".*=.*" reject_pattern should look like this (kill linker and ssh env vars... and DISPLAY since that's used by the X11 forwarding code): "(^LD.*=.*|^SSH.*=.*|^DISPLAY.*=.*)" Generally whitelisted should be: CVSROOT CVS_RSH LANG LC_MESSAGES LC_TIME LC_NUMERIC LC_CTYPE LC_MONETARY LC_COLLATE LC_PAPER LC_ALL LPDEST (used by print spooler to set default printer) PRINTER (used by print spooler to set default printer) PDPRINTER (used by print spooler to set default printer) XPRINTER (used by Xprint - see http://xprint.mozdev.org) XPSERVERLIST (used by Xprint - see http://xprint.mozdev.org) TZ (timezone) MAIL (unix mail folder location) ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-Mar-30 03:58 UTC
[Bug 815] RFE: sshd should be able to set environment variables defined by the client
http://bugzilla.mindrot.org/show_bug.cgi?id=815 ------- Additional Comments From djm at mindrot.org 2004-03-30 13:58 ------- Created an attachment (id=578) --> (http://bugzilla.mindrot.org/attachment.cgi?id=578&action=view) Implement environment passing The attached patch implements environment passing for -current. ssh gains an option "SendEnv", which specifies which environment variables may be sent. sshd gains "AllowEnv", which controls what environment variables are accepted (I don't much like this option, it may go away in favour of a fixed list). Both of these options may be specified multiple times (with cumulative results) and both take basic "*" and "?" wildcards. This needs testing, especially with non-OpenSSH implementations. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-Mar-30 03:59 UTC
[Bug 815] RFE: sshd should be able to set environment variables defined by the client
http://bugzilla.mindrot.org/show_bug.cgi?id=815 djm at mindrot.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED Keywords| |patch Version|3.8p1 |-current ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-Mar-30 17:00 UTC
[Bug 815] RFE: sshd should be able to set environment variables defined by the client
http://bugzilla.mindrot.org/show_bug.cgi?id=815 ------- Additional Comments From roland.mainz at nrubsig.org 2004-03-31 03:00 ------- Damien Miller wrote:> ssh gains an option "SendEnv", which specifies which environment variables may > be sent. sshd gains "AllowEnv",What about the explicit "reject" list ?> which controls what environment variables are > accepted (I don't much like this option, it may go away in favour of a fixed > list).A hardcoded list may be bad. If someone finds a possible exploit via the "env-var"-forwarding it may be a good idea to have a quick way for admins to block the env var used for that. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-Mar-30 20:25 UTC
[Bug 815] RFE: sshd should be able to set environment variables defined by the client
http://bugzilla.mindrot.org/show_bug.cgi?id=815 ------- Additional Comments From markus at openbsd.org 2004-03-31 06:25 ------- reject lists are bogus. default should be 'deny'. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
Apparently Analagous Threads
- [Bug 827] RFE: Allow forwarding of Xprint servers if X11 forwarning is enabled
- [Bug 826] RFE: scp and ssh should have an option to set the group-id at login time
- [Bug 815] RFE: sshd should be able to set environment variables defined by the client
- Xprint support in OpenSSH?
- Automatic forwarding of Xprint server displays?