From e918f7c73198d2ac9503c5f243417504feede464 Mon Sep 17 00:00:00 2001 From: quamrulmina Date: Sat, 31 Oct 2015 17:07:07 -0500 Subject: [PATCH] IPC env var and handle used by sshd is made unavailable to shell/subsystem sshd.exe uses SSHD_REMSOC env var as private IPC for remote socket handle passing. The env var is deleted and the handle is made not inheritable by sshd so that shell and subsystem do not see it or have access to the handle. --- sshd.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/sshd.c b/sshd.c index 0e31ea7..3a7b8fe 100644 --- a/sshd.c +++ b/sshd.c @@ -2809,6 +2809,10 @@ main(int ac, char **av) remotesochandle = atoi( getenv("SSHD_REMSOC") ); sock_in = sock_out = newsock = allocate_sfd(remotesochandle) ; //si.hStdInput); + + // we have the socket handle, delete it for child processes we create like shell + SetEnvironmentVariable("SSHD_REMSOC", NULL); + SetHandleInformation(remotesochandle, HANDLE_FLAG_INHERIT, 0); // make the handle not to be inherited /* * We don't have a startup_pipe