- markus@cvs.openbsd.org 2002/07/30 17:03:55
[auth-options.c servconf.c servconf.h session.c sshd_config sshd_config.5]
add PermitUserEnvironment (off by default!); from dot@dotat.at;
ok provos, deraadt
diff --git a/sshd_config.5 b/sshd_config.5
index 6625865..f43b2bb 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: sshd_config.5,v 1.5 2002/07/09 17:46:25 stevesk Exp $
+.\" $OpenBSD: sshd_config.5,v 1.6 2002/07/30 17:03:55 markus Exp $
.Dd September 25, 1999
.Dt SSHD_CONFIG 5
.Os
@@ -465,6 +465,21 @@
If this option is set to
.Dq no
root is not allowed to login.
+.It Cm PermitUserEnvironment
+Specifies whether
+.Pa ~/.ssh/environment
+is read by
+.Nm sshd
+and whether
+.Cm environment=
+options in
+.Pa ~/.ssh/authorized_keys
+files are permitted.
+The default is
+.Dq no .
+This option is useful for locked-down installations where
+.Ev LD_PRELOAD
+and suchlike can cause security problems.
.It Cm PidFile
Specifies the file that contains the process ID of the
.Nm sshd