summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog6
-rw-r--r--auth-options.c5
-rw-r--r--servconf.c12
-rw-r--r--servconf.h3
-rw-r--r--session.c4
-rw-r--r--sshd_config3
-rw-r--r--sshd_config.517
7 files changed, 40 insertions, 10 deletions
diff --git a/ChangeLog b/ChangeLog
index 9657aca12..74ce05354 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -18,6 +18,10 @@
18 - markus@cvs.openbsd.org 2002/07/29 18:57:30 18 - markus@cvs.openbsd.org 2002/07/29 18:57:30
19 [sshconnect.c] 19 [sshconnect.c]
20 print file:line 20 print file:line
21 - markus@cvs.openbsd.org 2002/07/30 17:03:55
22 [auth-options.c servconf.c servconf.h session.c sshd_config sshd_config.5]
23 add PermitUserEnvironment (off by default!); from dot@dotat.at;
24 ok provos, deraadt
21 25
2220020730 2620020730
23 - (bal) [uidswap.c] SCO compile correction by gert@greenie.muc.de 27 - (bal) [uidswap.c] SCO compile correction by gert@greenie.muc.de
@@ -1486,4 +1490,4 @@
1486 - (stevesk) entropy.c: typo in debug message 1490 - (stevesk) entropy.c: typo in debug message
1487 - (djm) ssh-keygen -i needs seeded RNG; report from markus@ 1491 - (djm) ssh-keygen -i needs seeded RNG; report from markus@
1488 1492
1489$Id: ChangeLog,v 1.2412 2002/08/01 01:26:29 mouring Exp $ 1493$Id: ChangeLog,v 1.2413 2002/08/01 01:28:38 mouring Exp $
diff --git a/auth-options.c b/auth-options.c
index 41a29f79c..8595fdc14 100644
--- a/auth-options.c
+++ b/auth-options.c
@@ -10,7 +10,7 @@
10 */ 10 */
11 11
12#include "includes.h" 12#include "includes.h"
13RCSID("$OpenBSD: auth-options.c,v 1.25 2002/07/21 18:32:20 stevesk Exp $"); 13RCSID("$OpenBSD: auth-options.c,v 1.26 2002/07/30 17:03:55 markus Exp $");
14 14
15#include "xmalloc.h" 15#include "xmalloc.h"
16#include "match.h" 16#include "match.h"
@@ -133,7 +133,8 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
133 goto next_option; 133 goto next_option;
134 } 134 }
135 cp = "environment=\""; 135 cp = "environment=\"";
136 if (strncasecmp(opts, cp, strlen(cp)) == 0) { 136 if (options.permit_user_env &&
137 strncasecmp(opts, cp, strlen(cp)) == 0) {
137 char *s; 138 char *s;
138 struct envstring *new_envstring; 139 struct envstring *new_envstring;
139 140
diff --git a/servconf.c b/servconf.c
index bdf39afb8..50fccdda8 100644
--- a/servconf.c
+++ b/servconf.c
@@ -10,7 +10,7 @@
10 */ 10 */
11 11
12#include "includes.h" 12#include "includes.h"
13RCSID("$OpenBSD: servconf.c,v 1.112 2002/06/23 09:46:51 deraadt Exp $"); 13RCSID("$OpenBSD: servconf.c,v 1.113 2002/07/30 17:03:55 markus Exp $");
14 14
15#if defined(KRB4) 15#if defined(KRB4)
16#include <krb.h> 16#include <krb.h>
@@ -101,6 +101,7 @@ initialize_server_options(ServerOptions *options)
101 options->kbd_interactive_authentication = -1; 101 options->kbd_interactive_authentication = -1;
102 options->challenge_response_authentication = -1; 102 options->challenge_response_authentication = -1;
103 options->permit_empty_passwd = -1; 103 options->permit_empty_passwd = -1;
104 options->permit_user_env = -1;
104 options->use_login = -1; 105 options->use_login = -1;
105 options->compression = -1; 106 options->compression = -1;
106 options->allow_tcp_forwarding = -1; 107 options->allow_tcp_forwarding = -1;
@@ -223,6 +224,8 @@ fill_default_server_options(ServerOptions *options)
223 options->challenge_response_authentication = 1; 224 options->challenge_response_authentication = 1;
224 if (options->permit_empty_passwd == -1) 225 if (options->permit_empty_passwd == -1)
225 options->permit_empty_passwd = 0; 226 options->permit_empty_passwd = 0;
227 if (options->permit_user_env == -1)
228 options->permit_user_env = 0;
226 if (options->use_login == -1) 229 if (options->use_login == -1)
227 options->use_login = 0; 230 options->use_login = 0;
228 if (options->compression == -1) 231 if (options->compression == -1)
@@ -291,7 +294,7 @@ typedef enum {
291 sPrintMotd, sPrintLastLog, sIgnoreRhosts, 294 sPrintMotd, sPrintLastLog, sIgnoreRhosts,
292 sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, 295 sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
293 sStrictModes, sEmptyPasswd, sKeepAlives, 296 sStrictModes, sEmptyPasswd, sKeepAlives,
294 sUseLogin, sAllowTcpForwarding, sCompression, 297 sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression,
295 sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, 298 sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
296 sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, 299 sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
297 sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups, 300 sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
@@ -354,6 +357,7 @@ static struct {
354 { "xauthlocation", sXAuthLocation }, 357 { "xauthlocation", sXAuthLocation },
355 { "strictmodes", sStrictModes }, 358 { "strictmodes", sStrictModes },
356 { "permitemptypasswords", sEmptyPasswd }, 359 { "permitemptypasswords", sEmptyPasswd },
360 { "permituserenvironment", sPermitUserEnvironment },
357 { "uselogin", sUseLogin }, 361 { "uselogin", sUseLogin },
358 { "compression", sCompression }, 362 { "compression", sCompression },
359 { "keepalive", sKeepAlives }, 363 { "keepalive", sKeepAlives },
@@ -713,6 +717,10 @@ parse_flag:
713 intptr = &options->permit_empty_passwd; 717 intptr = &options->permit_empty_passwd;
714 goto parse_flag; 718 goto parse_flag;
715 719
720 case sPermitUserEnvironment:
721 intptr = &options->permit_user_env;
722 goto parse_flag;
723
716 case sUseLogin: 724 case sUseLogin:
717 intptr = &options->use_login; 725 intptr = &options->use_login;
718 goto parse_flag; 726 goto parse_flag;
diff --git a/servconf.h b/servconf.h
index c94f541d0..024987dd6 100644
--- a/servconf.h
+++ b/servconf.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: servconf.h,v 1.58 2002/06/20 23:05:55 markus Exp $ */ 1/* $OpenBSD: servconf.h,v 1.59 2002/07/30 17:03:55 markus Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -97,6 +97,7 @@ typedef struct {
97 int challenge_response_authentication; 97 int challenge_response_authentication;
98 int permit_empty_passwd; /* If false, do not permit empty 98 int permit_empty_passwd; /* If false, do not permit empty
99 * passwords. */ 99 * passwords. */
100 int permit_user_env; /* If true, read ~/.ssh/environment */
100 int use_login; /* If true, login(1) is used */ 101 int use_login; /* If true, login(1) is used */
101 int compression; /* If true, compression is allowed */ 102 int compression; /* If true, compression is allowed */
102 int allow_tcp_forwarding; 103 int allow_tcp_forwarding;
diff --git a/session.c b/session.c
index e2e30340c..f2a1bf015 100644
--- a/session.c
+++ b/session.c
@@ -33,7 +33,7 @@
33 */ 33 */
34 34
35#include "includes.h" 35#include "includes.h"
36RCSID("$OpenBSD: session.c,v 1.145 2002/07/22 11:03:06 markus Exp $"); 36RCSID("$OpenBSD: session.c,v 1.146 2002/07/30 17:03:55 markus Exp $");
37 37
38#include "ssh.h" 38#include "ssh.h"
39#include "ssh1.h" 39#include "ssh1.h"
@@ -1065,7 +1065,7 @@ do_setup_env(Session *s, const char *shell)
1065 auth_sock_name); 1065 auth_sock_name);
1066 1066
1067 /* read $HOME/.ssh/environment. */ 1067 /* read $HOME/.ssh/environment. */
1068 if (!options.use_login) { 1068 if (options.permit_user_env && !options.use_login) {
1069 snprintf(buf, sizeof buf, "%.200s/.ssh/environment", 1069 snprintf(buf, sizeof buf, "%.200s/.ssh/environment",
1070 pw->pw_dir); 1070 pw->pw_dir);
1071 read_environment_file(&env, &envsize, buf); 1071 read_environment_file(&env, &envsize, buf);
diff --git a/sshd_config b/sshd_config
index 24c4e059e..f20d812ee 100644
--- a/sshd_config
+++ b/sshd_config
@@ -1,4 +1,4 @@
1# $OpenBSD: sshd_config,v 1.56 2002/06/20 23:37:12 markus Exp $ 1# $OpenBSD: sshd_config,v 1.57 2002/07/30 17:03:55 markus Exp $
2 2
3# This is the sshd server system-wide configuration file. See 3# This is the sshd server system-wide configuration file. See
4# sshd_config(5) for more information. 4# sshd_config(5) for more information.
@@ -81,6 +81,7 @@
81#KeepAlive yes 81#KeepAlive yes
82#UseLogin no 82#UseLogin no
83#UsePrivilegeSeparation yes 83#UsePrivilegeSeparation yes
84#PermitUserEnvironment no
84#Compression yes 85#Compression yes
85 86
86#MaxStartups 10 87#MaxStartups 10
diff --git a/sshd_config.5 b/sshd_config.5
index 6625865ef..f43b2bb9b 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -34,7 +34,7 @@
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36.\" 36.\"
37.\" $OpenBSD: sshd_config.5,v 1.5 2002/07/09 17:46:25 stevesk Exp $ 37.\" $OpenBSD: sshd_config.5,v 1.6 2002/07/30 17:03:55 markus Exp $
38.Dd September 25, 1999 38.Dd September 25, 1999
39.Dt SSHD_CONFIG 5 39.Dt SSHD_CONFIG 5
40.Os 40.Os
@@ -465,6 +465,21 @@ for root.
465If this option is set to 465If this option is set to
466.Dq no 466.Dq no
467root is not allowed to login. 467root is not allowed to login.
468.It Cm PermitUserEnvironment
469Specifies whether
470.Pa ~/.ssh/environment
471is read by
472.Nm sshd
473and whether
474.Cm environment=
475options in
476.Pa ~/.ssh/authorized_keys
477files are permitted.
478The default is
479.Dq no .
480This option is useful for locked-down installations where
481.Ev LD_PRELOAD
482and suchlike can cause security problems.
468.It Cm PidFile 483.It Cm PidFile
469Specifies the file that contains the process ID of the 484Specifies the file that contains the process ID of the
470.Nm sshd 485.Nm sshd