[Bug 3142] ProxyCommand should be interpreted by a fixed shell like /bin/sh .

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Tue Mar 31 11:55:25 AEDT 2020


https://bugzilla.mindrot.org/show_bug.cgi?id=3142

--- Comment #3 from Tetsuo Handa <penguin-kernel at I-love.SAKURA.ne.jp> ---
I don't think that ProxyCommand is subjected to restricted shells, for
the shell used for interpreting ProxyCommand is currently controllable
by $SHELL environment variable.

If you do want to enforce restricted shell specified in /etc/passwd
file, you must ignore $SHELL (and you will break my program calling
batched operations using /usr/bin/ssh from Apache CGI).

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list