bugzilla-daemon at mindrot.org
2014-Nov-15 01:53 UTC
[Bug 2317] New: sshd_config man page not clear on PermitUserEnvironment
https://bugzilla.mindrot.org/show_bug.cgi?id=2317
Bug ID: 2317
Summary: sshd_config man page not clear on
PermitUserEnvironment
Product: Portable OpenSSH
Version: 6.6p1
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: florin at andrei.myip.org
>From the current man page:
PermitUserEnvironment
Specifies whether ~/.ssh/environment and environmentoptions in
~/.ssh/authorized_keys are processed by sshd(8). The
default is ?no?. Enabling environment pro?cessing may enable users to
bypass access restrictions in some configurations using mechanisms such
as LD_PRELOAD.
What that sounds to me like is that enabling that option weakens the
security in general.
But after some googling I came across this discussion:
http://serverfault.com/questions/527638/security-risks-of-permituserenvironment-in-ssh
According to the answer, PermitUserEnvironment only weakens security
for restricted accounts, such as scp-only, etc., but has no impact on
full shell access accounts. If that is correct, then the man page is
incomplete and misleading.
I need that option enabled, but I was hesitant to use it. I almost
decided to not use it, but then I came across that discussion.
Please add a brief note to that entry in the man page, making clear
that there are no security issues with that option if all accounts have
full shell access (of course, assuming my interpretation is correct).
Thanks.
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2014-Dec-11 04:59 UTC
[Bug 2317] sshd_config man page not clear on PermitUserEnvironment
https://bugzilla.mindrot.org/show_bug.cgi?id=2317
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |WONTFIX
Status|NEW |RESOLVED
CC| |djm at mindrot.org
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
Unfortunately the reality is a little more complex than that.
Restricted accounts may be invoked by the user's shell that may be
affected by environment variables. It's impractical to list all the
possible cases where enabling this has unexpected consequences, so we
leave it to the administrator's discretion and knowledge of their own
system.
I don't see any reason to modify the text to weaken the warning.
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2016-Aug-02 00:41 UTC
[Bug 2317] sshd_config man page not clear on PermitUserEnvironment
https://bugzilla.mindrot.org/show_bug.cgi?id=2317
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #2 from Damien Miller <djm at mindrot.org> ---
Close all resolved bugs after 7.3p1 release
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
Reasonably Related Threads
- PermitUserEnvironment in sshd match block?
- [Bug 1800] New: PermitUserEnvironment accepting pattern of allowed userenv variables
- [Bug 1800] PermitUserEnvironment accepting pattern of allowed userenv variables
- [PATCH] prevent users from changing their environment
- Omission in sshd_config man page