X-Spam-Check-By: sourceware.org
Subject: Re: Windows environment variables in ssh sessions with privilege 	seperation
From: Sean Morgan <morgan AT schrodinger DOT com>
To: cygwin AT cygwin DOT com
In-Reply-To: <31b7d2790611151525q7c69b099uaa790633a6539ca9@mail.gmail.com>
References: <1163631780 DOT 4704 DOT 66 DOT camel AT Ruksana DOT schrodinger DOT com> 	 <31b7d2790611151525q7c69b099uaa790633a6539ca9 AT mail DOT gmail DOT com>
Content-Type: text/plain
Date: Wed, 15 Nov 2006 17:30:02 -0800
Message-Id: <1163640602.4704.97.camel@Ruksana.schrodinger.com>
Mime-Version: 1.0
X-Mailer: Evolution 2.0.2 (2.0.2-27.rhel4.6)
Content-Transfer-Encoding: 7bit
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

Adding the environment variables to HKEY_LOCAL_MACHINE\SYSTEM
\CurrentControlSet\Services\sshd\Parameters\Environment does not seem to
have an effect outside of the CYGWIN variable which does in fact change
after editing the registry. This provided me with some verification that
I had in fact been carrying out my experimentation on the appropriate
key.

>From an ssh sessions here's a sample of the contents of the environment
key:

reg query "HKLM\system\currentcontrolset\services\sshd\parameters
\environment"

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sshd\parameters
\environment
    CYGWIN      REG_SZ  ntsec tty binmode smbntsec
    PERLDB_OPTS REG_SZ  RemotePort=127.0.0.1:2000

Doing a 

	set | grep -i perldb

after restarting sshd or rebooting yields nothing.

Is it possible that these are getting set in the environment of the
service user but not exported to the shell of the impersonated user? Can
someone shed some more light perhaps on some of the inner workings of
the impersonation mechanism that may help describe my results?

Sean.

On Wed, 2006-11-15 at 23:25 +0000, DePriest, Jason R. wrote:
<snip>
> 
> You can however add the environment variables you want to the Windows
> registry directly.
> 
> Basically, look in HKLM\SYSTEM\CurrentControlSet\Services\<ssh
> service>\Parameters\Environment\
> 
<snip>
> -Jason
> 


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/