- stevesk@cvs.openbsd.org 2002/08/12 17:30:35

[ssh.1 sshd.8 sshd_config.5]
     more PermitUserEnvironment; ok markus@

ChangeLog

@@ -30,6 +30,9 @@
    - stevesk@cvs.openbsd.org 2002/08/09 17:41:12
      [sshd_config.5]
      proxy vs. fake display
+   - stevesk@cvs.openbsd.org 2002/08/12 17:30:35
+     [ssh.1 sshd.8 sshd_config.5]
+     more PermitUserEnvironment; ok markus@
 
 20020813
  - (tim) [configure.ac] Display OpenSSL header/library version.
@@ -1527,4 +1530,4 @@
  - (stevesk) entropy.c: typo in debug message
  - (djm) ssh-keygen -i needs seeded RNG; report from markus@
 
-$Id: ChangeLog,v 1.2422 2002/08/20 18:44:24 mouring Exp $
+$Id: ChangeLog,v 1.2423 2002/08/20 18:54:20 mouring Exp $

ssh.1

@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.161 2002/08/02 16:00:07 marc Exp $
+.\" $OpenBSD: ssh.1,v 1.162 2002/08/12 17:30:35 stevesk Exp $
 .Dd September 25, 1999
 .Dt SSH 1
 .Os
@@ -744,9 +744,9 @@ and adds lines of the format
 .Dq VARNAME=value
 to the environment if the file exists and if users are allowed to
 change their environment.
-See
+See the
 .Cm PermitUserEnvironment
-in
+option in
 .Xr sshd_config 5 .
 .Sh FILES
 .Bl -tag -width Ds

sshd.8

@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd.8,v 1.187 2002/08/02 16:00:07 marc Exp $
+.\" $OpenBSD: sshd.8,v 1.188 2002/08/12 17:30:35 stevesk Exp $
 .Dd September 25, 1999
 .Dt SSHD 8
 .Os
@@ -351,9 +351,9 @@ Sets up basic environment.
 Reads
 .Pa $HOME/.ssh/environment
 if it exists and users are allowed to change their environment.
-See
+See the
 .Cm PermitUserEnvironment
-in
+option in
 .Xr sshd_config 5 .
 .It
 Changes to user's home directory.
@@ -462,6 +462,10 @@ logging in using this key.
 Environment variables set this way
 override other default environment values.
 Multiple options of this type are permitted.
+Environment processing is disabled by default and is
+controlled via the
+.Cm PermitUserEnvironment
+option.
 This option is automatically disabled if
 .Cm UseLogin
 is enabled.
@@ -702,6 +706,10 @@ It can only contain empty lines, comment lines (that start with
 and assignment lines of the form name=value.
 The file should be writable
 only by the user; it need not be readable by anyone else.
+Environment processing is disabled by default and is
+controlled via the
+.Cm PermitUserEnvironment
+option.
 .It Pa $HOME/.ssh/rc
 If this file exists, it is run with /bin/sh after reading the
 environment files but before starting the user's shell or command.

sshd_config.5

@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd_config.5,v 1.8 2002/08/09 17:41:12 stevesk Exp $
+.\" $OpenBSD: sshd_config.5,v 1.9 2002/08/12 17:30:35 stevesk Exp $
 .Dd September 25, 1999
 .Dt SSHD_CONFIG 5
 .Os
@@ -468,18 +468,17 @@ root is not allowed to login.
 .It Cm PermitUserEnvironment
 Specifies whether
 .Pa ~/.ssh/environment
-is read by
+and
-.Nm sshd
-and whether
 .Cm environment=
 options in
 .Pa ~/.ssh/authorized_keys
-files are permitted.
+are processed by
+.Nm sshd .
 The default is
 .Dq no .
-This option is useful for locked-down installations where
+Enabling environment processing may enable users to bypass access
-.Ev LD_PRELOAD
+restrictions in some configurations using mechanisms such as
-and suchlike can cause security problems.
+.Ev LD_PRELOAD .
 .It Cm PidFile
 Specifies the file that contains the process ID of the
 .Nm sshd