Re: AcceptEnv LANG LC_* vs available locales

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On 4/25/22 08:23, Ingo Schwarze wrote:
> Hi Harald,
> 
> Harald Dunkel wrote on Mon, Apr 25, 2022 at 10:05:43AM +0200:
> 
>> forwarding LANG and LC_* variables to the peer seems to be only
>> reasonable,
> 
> Absolutely not, what a terrible idea.
> 
> For an introduction to the topic, see
> 
>   https://undeadly.org/cgi?action=article&sid=20160308204011
> 
> The end of that article specifically discusses ssh(1).
> 
>> if the peer supports theses locales. Is there some
>> workaround for this pitfall? Do you think the server could quietly
>> ignore unknown locales?
> 
> Ignore it?  But if it does, then there is nothing it can safely do short
> of rejecting the connection.
> 
>> Every helpful hint is highly appreciated
> 
> As discussed in the above writeup, the only way to make ssh(1)
> connections safe it to manually make sure, *before connecting*,
> that the same locale is set on both sides - ideally UTF-8.

It is also safe for the locale to be different, so long as the
character encodings match.  For instance, all UTF-8 locales are
compatible.

-- 
Sincerely,
Demi Marie Obenour (she/her/hers)

Attachment: OpenPGP_0xB288B55FFF9C22C1.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux