mirror of
git://anongit.mindrot.org/openssh.git
synced 2024-12-25 03:12:10 +00:00
ignore PAM environment vars when UseLogin=yes
If PAM is configured to read user-specified environment variables and UseLogin=yes in sshd_config, then a hostile local user may attack /bin/login via LD_PRELOAD or similar environment variables set via PAM. CVE-2015-8325, found by Shayan Sadigh, via Colin Watson
This commit is contained in:
parent
dce19bf6e4
commit
85bdcd7c92
Loading…
Reference in New Issue
Block a user