X-Spam-Check-By: sourceware.org
Subject: Re: Windows environment variables in ssh sessions with privilege 	seperation
From: Sean Morgan <morgan@schrodinger.com>
To: cygwin@cygwin.com
In-Reply-To: <31b7d2790611151525q7c69b099uaa790633a6539ca9@mail.gmail.com>
References: <1163631780.4704.66.camel@Ruksana.schrodinger.com> 	 <31b7d2790611151525q7c69b099uaa790633a6539ca9@mail.gmail.com>
Content-Type: text/plain
Date: Wed, 15 Nov 2006 17:30:02 -0800
Message-Id: <1163640602.4704.97.camel@Ruksana.schrodinger.com>
Mime-Version: 1.0
X-Mailer: Evolution 2.0.2 (2.0.2-27.rhel4.6)
Content-Transfer-Encoding: 7bit
X-IsSubscribed: yes
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
Precedence: bulk
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie.com@cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Delivered-To: mailing list cygwin@cygwin.com

Adding the environment variables to HKEY_LOCAL_MACHINE\SYSTEM
\CurrentControlSet\Services\sshd\Parameters\Environment does not seem to
have an effect outside of the CYGWIN variable which does in fact change
after editing the registry. This provided me with some verification that
I had in fact been carrying out my experimentation on the appropriate
key.

>From an ssh sessions here's a sample of the contents of the environment
key:

reg query "HKLM\system\currentcontrolset\services\sshd\parameters
\environment"

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sshd\parameters
\environment
    CYGWIN      REG_SZ  ntsec tty binmode smbntsec
    PERLDB_OPTS REG_SZ  RemotePort=127.0.0.1:2000

Doing a 

	set | grep -i perldb

after restarting sshd or rebooting yields nothing.

Is it possible that these are getting set in the environment of the
service user but not exported to the shell of the impersonated user? Can
someone shed some more light perhaps on some of the inner workings of
the impersonation mechanism that may help describe my results?

Sean.

On Wed, 2006-11-15 at 23:25 +0000, DePriest, Jason R. wrote:
<snip>
> 
> You can however add the environment variables you want to the Windows
> registry directly.
> 
> Basically, look in HKLM\SYSTEM\CurrentControlSet\Services\<ssh
> service>\Parameters\Environment\
> 
<snip>
> -Jason
> 


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/