From ecc9d46dc53cddb5a220f89e6160b3ca6178bb9c Mon Sep 17 00:00:00 2001
From: Darren Tucker <dtucker@zip.com.au>
Date: Fri, 6 Feb 2004 16:04:08 +1100
Subject:  - (dtucker) [sshd.c] Bug #757: Clear child's environment to prevent 
   accidentally inheriting from root's environment.  ok djm@

---
 ChangeLog | 4 +++-
 sshd.c    | 6 ++++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index 7ce9e023..4db09761 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -7,6 +7,8 @@
  - (dtucker) [configure.ac] Bug #748: Always define BROKEN_GETADDRINFO
    for HP-UX 11.11.  If there are known-good configs where this is not
    required, please report them.  ok djm@
+ - (dtucker) [sshd.c] Bug #757: Clear child's environment to prevent
+   accidentally inheriting from root's environment.  ok djm@
 
 20040129
  - (dtucker) OpenBSD CVS Sync regress/
@@ -1792,4 +1794,4 @@
  - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo.
    Report from murple@murple.net, diagnosis from dtucker@zip.com.au
 
-$Id: ChangeLog,v 1.3208 2004/02/06 04:59:06 dtucker Exp $
+$Id: ChangeLog,v 1.3209 2004/02/06 05:04:08 dtucker Exp $
diff --git a/sshd.c b/sshd.c
index ab029b00..ebb44db7 100644
--- a/sshd.c
+++ b/sshd.c
@@ -101,6 +101,7 @@ extern char *__progname;
 #else
 char *__progname;
 #endif
+extern char **environ;
 
 /* Server configuration options. */
 ServerOptions options;
@@ -1101,6 +1102,11 @@ main(int ac, char **av)
 	   unmounted if desired. */
 	chdir("/");
 
+#ifndef HAVE_CYGWIN
+	/* Clear environment */
+	environ[0] = NULL;
+#endif
+
 	/* ignore SIGPIPE */
 	signal(SIGPIPE, SIG_IGN);
 
-- 
cgit v1.2.1