[Bug 256233] security/doas: target user's login class gets ignored

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 256233] security/doas: target user's login class gets ignored"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 31 May 2021 14:07:51 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256233

--- Comment #5 from jsmith@resonatingmedia.com ---
Since lang and welcome are both environment variables I'd expect them to be
ignored (when using doas's keepenv flag) or wiped out if keepenv isn't
specified in doas.conf. The calling user isn't likely to want to have their
language setting suddenly change to the target user's when they run a command.

You are correct that setusercontext() can be used to set some environment
variables to the target user's settings. According to the manual page lang,
charset, timezone, and term are supported. (Looks like welcome/motd is not.)
But I'm not sure it's a good idea to risk doing that as it means switching the
language settings could make a mess of the terminal and input of the calling
user.

Is there a reason why I'd want my language settings and/or timezone to change
when running doas? It seems like it would cause more problems than offer
solutions. But I'm open to the idea.

-- 
You are receiving this mail because:
You are the assignee for the bug.