diff options
author | djm@openbsd.org <djm@openbsd.org> | 2018-07-03 10:59:35 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2018-07-03 21:01:30 +1000 |
commit | 95344c257412b51199ead18d54eaed5bafb75617 (patch) | |
tree | 320a21db8781ca4f6a363db928ca04b3b0d1dd70 /sshd_config.5 | |
parent | 6f56fe4b9578b0627667f8bce69d4d938a88324c (diff) |
upstream: allow sshd_config PermitUserEnvironment to accept a
pattern-list of whitelisted environment variable names in addition to yes|no.
bz#1800, feedback and ok markus@
OpenBSD-Commit-ID: 77dc2b468e0bf04b53f333434ba257008a1fdf24
Diffstat (limited to 'sshd_config.5')
-rw-r--r-- | sshd_config.5 | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/sshd_config.5 b/sshd_config.5 index 86d2d421b..60c5f4bd3 100644 --- a/sshd_config.5 +++ b/sshd_config.5 | |||
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: sshd_config.5,v 1.277 2018/06/19 05:36:57 jmc Exp $ | 36 | .\" $OpenBSD: sshd_config.5,v 1.278 2018/07/03 10:59:35 djm Exp $ |
37 | .Dd $Mdocdate: June 19 2018 $ | 37 | .Dd $Mdocdate: July 3 2018 $ |
38 | .Dt SSHD_CONFIG 5 | 38 | .Dt SSHD_CONFIG 5 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -1332,6 +1332,12 @@ options in | |||
1332 | .Pa ~/.ssh/authorized_keys | 1332 | .Pa ~/.ssh/authorized_keys |
1333 | are processed by | 1333 | are processed by |
1334 | .Xr sshd 8 . | 1334 | .Xr sshd 8 . |
1335 | Valid options are | ||
1336 | .Cm yes , | ||
1337 | .Cm no | ||
1338 | or a pattern-list specifying which environment variable names to accept | ||
1339 | (for example | ||
1340 | .Qq LANG,LC_* ) . | ||
1335 | The default is | 1341 | The default is |
1336 | .Cm no . | 1342 | .Cm no . |
1337 | Enabling environment processing may enable users to bypass access | 1343 | Enabling environment processing may enable users to bypass access |