bugzilla-daemon at bugzilla.mindrot.org
2008-Aug-13  13:41 UTC
[Bug 1504] New: Allow the user to change the environment in a secure way
https://bugzilla.mindrot.org/show_bug.cgi?id=1504
           Summary: Allow the user to change the environment in a secure
                    way
           Product: Portable OpenSSH
           Version: 5.1p1
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: sshd
        AssignedTo: unassigned-bugs at mindrot.org
        ReportedBy: vincent at vinc17.org
OpenSSH should have a way to allow the user to change the environment
in a secure way. Using .profile (or similar) is not a solution since
such rc files are not always sourced when a command is used, such as in
  ssh -t <host> env
with the official bash (not Debian's) on the remote side.
The ~/.ssh/environment solution cannot be used in practice since:
1. Values are hardcoded in the file (I have not tried, though, but
things like `program` are not documented, so I suppose that this isn't
possible).
2. PermitUserEnvironment is set to "no" by default, and would remain
"no" anyway if there are access restrictions (I wonder if this is
really useful though, because ~/.ssh/rc probably allows the user to do
much more).
So, I think that sshd should have an option to allow the user to set
the chosen remote shell independently of his login shell (which could
also be a wrapper to the login shell, that sets up the environment).
This is more or less a shorthand of: ssh ... "exec my_shell -lc ..."
Alternatively, make the ~/.ssh/environment mechanism more flexible (not
just "yes" or "no", and in some conditions, allow the user to run
programs such as LC_CTYPE=`command` -- but as the user can run programs
in his ~/.ssh/rc file, I don't think this is a problem here).
-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2008-Nov-03  09:10 UTC
[Bug 1504] Allow the user to change the environment in a secure way
https://bugzilla.mindrot.org/show_bug.cgi?id=1504
Damien Miller <djm at mindrot.org> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |WONTFIX
                 CC|                            |djm at mindrot.org
--- Comment #1 from Damien Miller <djm at mindrot.org>  2008-11-03 20:10:21 ---
Sorry, but we aren't interested in adding more mechanisms for env
setting or making the existing ones more powerful (certainly not adding
shell execution to .ssh/environment).
sshd_config:AcceptEnv and ssh_config:SendEnv should do almost
everything you need already.
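The settings named in this thread (PermitUserEnvironment, AcceptEnv) can be checked on a server with a short audit of the global section of sshd_config. This is an added example, not part of the bug report or of OpenSSH; the function names and the sample configuration are constructed, and it assumes whitespace-separated keywords and reads only the lines before the first Match block.

```shell
#!/bin/sh
# Added example (not from the bug report): report how far an sshd_config
# lets users or clients influence the session environment.

# Constructed sample configuration, used only to demonstrate the audit.
sample_sshd_config() {
    cat <<'EOF'
# constructed sample, not taken from any real host
Port 22
PermitUserEnvironment yes
AcceptEnv LANG LC_*
AcceptEnv *
Match User backup
    AcceptEnv BACKUP_*
EOF
}

# audit_sshd_env [FILE]   (reads stdin when FILE is omitted)
# Output, one finding per line:
#   PermitUserEnvironment=<value>  first occurrence wins, default is "no"
#   AcceptEnv=<pattern>            every pattern from every AcceptEnv line
#   WARN ...                       settings that widen user/client control
audit_sshd_env() {
    awk '
        BEGIN { pue = "no"; seen = 0; n = 0 }
        /^[ \t]*#/ || NF == 0 { next }          # comment or blank line
        { key = tolower($1) }                   # keywords are case-insensitive
        key == "match" { exit }                 # global section only
        key == "permituserenvironment" && !seen { pue = tolower($2); seen = 1 }
        key == "acceptenv" { for (i = 2; i <= NF; i++) pats[++n] = $i }
        END {
            print "PermitUserEnvironment=" pue
            if (pue != "no")
                print "WARN PermitUserEnvironment is not \"no\": ~/.ssh/environment is honoured"
            for (i = 1; i <= n; i++) {
                print "AcceptEnv=" pats[i]
                if (pats[i] ~ /^[*?]+$/)        # pattern made only of wildcards
                    print "WARN AcceptEnv " pats[i] " accepts any client-sent variable name"
            }
        }
    ' "$@"
}

# Demonstration on the constructed sample.
sample_sshd_config | audit_sshd_env
```
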
bugzilla-daemon at bugzilla.mindrot.org
2008-Nov-03  09:48 UTC
[Bug 1504] Allow the user to change the environment in a secure way
https://bugzilla.mindrot.org/show_bug.cgi?id=1504
--- Comment #2 from Vincent Lefevre <vincent at vinc17.org>  2008-11-03 20:48:03 ---
FYI, sshd_config:AcceptEnv and ssh_config:SendEnv are useless for
things like locale settings, since the values are platform-specific.
So, the only solution is to write a wrapper to ssh, but with the need
to parse the arguments, which is not really easy...
bugzilla-daemon at bugzilla.mindrot.org
2009-Feb-23  02:36 UTC
[Bug 1504] Allow the user to change the environment in a secure way
https://bugzilla.mindrot.org/show_bug.cgi?id=1504
Damien Miller <djm at mindrot.org> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED
--- Comment #3 from Damien Miller <djm at mindrot.org>  2009-02-23 13:36:03 ---
Close bugs fixed/reviewed for openssh-5.2 release