This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Windows environment variables in ssh sessions with privilege seperation

Sean Morgan wrote:

> Adding the environment variables to HKEY_LOCAL_MACHINE\SYSTEM
> \CurrentControlSet\Services\sshd\Parameters\Environment does not seem to
> have an effect outside of the CYGWIN variable which does in fact change
> after editing the registry. This provided me with some verification that
> I had in fact been carrying out my experimentation on the appropriate
> key.

This has nothing to do with privilege separation.  It is by design. 
Please see: <>

You can see the list of environment variables that are whitelisted in

static struct wenv {
        const char *name;
        size_t namelen;
} wenv_arr[] = {
        { NL("ALLUSERSPROFILE=") },
        { NL("COMPUTERNAME=") },
        { NL("COMSPEC=") },
        { NL("CYGWIN=") },
        { NL("NUMBER_OF_PROCESSORS=") },
        { NL("OS=") },
        { NL("PATH=") },
        { NL("PATHEXT=") },
        { NL("PROCESSOR_LEVEL=") },
        { NL("PROCESSOR_REVISION=") },
        { NL("PROGRAMFILES=") },
        { NL("SYSTEMDRIVE=") },
        { NL("SYSTEMROOT=") },
        { NL("TMP=") },
        { NL("TEMP=") },
        { NL("WINDIR=") }

Those are the only environment variables that will be propagated into
the newly created session.  The proper way to handle this is to set them
in an /etc/profile-type file, as you would on a unix/linux system.


Unsubscribe info:
Problem reports:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]