Package: openssh-server Version: 1:5.1p1-5 Severity: normal For now in session.c there is child_set_env(&env, &envsize, "MAIL", buf);
That is not good, I believe, because it set MAIL to some hardcoder value (/var/mail/<username>). Sure, you could override it with pam_mail or pam_env. But I spent 10 minutes to find who set this variable. May be it would be better not to set it from session.c, but remove "noenv" from pam_mail line in /etc/pam.d/ssh, because pam_mail could export this variable itself. It would be much more clear if administrator had to specify this variable itself in pam configs, than is it hardcoded somewhere. To provide compatibility with old behavior, just remove "noenv" from pam_mail conf in pam.d/sshd and pam_mail will set this variable to /var/mail/<username> itself. -- System Information: Debian Release: 5.0.1 APT prefers proposed-updates APT policy: (670, 'proposed-updates'), (670, 'stable'), (620, 'testing-proposed-updates'), (620, 'testing'), (600, 'unstable'), (550, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-openvz-686 (SMP w/1 CPU core) Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages openssh-server depends on: ii adduser 3.110 add and remove users and groups ii debconf [debcon 1.5.24 Debian configuration management sy ii dpkg 1.14.25 Debian package management system ii libc6 2.7-18 GNU C Library: Shared libraries ii libcomerr2 1.41.3-1 common error description library ii libkrb53 1.6.dfsg.4~beta1-5lenny1 MIT Kerberos runtime libraries ii libpam-modules 1.0.1-5+lenny1 Pluggable Authentication Modules f ii libpam-runtime 1.0.1-5+lenny1 Runtime support for the PAM librar ii libpam0g 1.0.1-5+lenny1 Pluggable Authentication Modules l ii libselinux1 2.0.65-5 SELinux shared libraries ii libssl0.9.8 0.9.8g-15+lenny1 SSL shared libraries ii libwrap0 7.6.q-16 Wietse Venema's TCP wrappers libra ii lsb-base 3.2-20 Linux Standard Base 3.2 init scrip ii openssh-blackli 0.4.1 list of default blacklisted OpenSS ii openssh-client 1:5.1p1-5 secure shell client, an rlogin/rsh ii procps 1:3.2.7-11 /proc file system utilities ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime Versions of packages openssh-server recommends: ii openssh-blacklist-extra 0.4.1 list of non-default blacklisted Op ii xauth 1:1.0.3-2 X authentication utility Versions of packages openssh-server suggests: pn molly-guard <none> (no description available) pn rssh <none> (no description available) pn ssh-askpass <none> (no description available) -- debconf information: ssh/vulnerable_host_keys: ssh/new_config: true * ssh/use_old_init_script: true * ssh/disable_cr_auth: false ssh/encrypted_host_key_but_no_keygen: -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
