Why is "AcceptEnv *" considered insecure?
Enabling environment processing may enable users to bypass access restrictions in some configurations using mechanisms such as LD_PRELOAD.
Not all versions of the man pages for sshd_config mention this. If your environment variables are changed beforehand and certain privileged processes are executed with new libraries specified by this, issues can result.
Take a look at http://www.dankalia.com/tutor/01005/0100501004.htm and search for "LD_PRELOAD Exploit". Sorry, the page has no anchor links.
See also StackOverflow question: What is the LD_PRELOAD trick?
Setting environment variables after connection is fine, but when those variables are interpreted by the ssh daemon as set by AcceptEnv, Bad Things may occur.