[Bug 3200] Will future versions of openssh fix CVE-2020-15778?
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Mon Apr 12 19:22:42 AEST 2021
https://bugzilla.mindrot.org/show_bug.cgi?id=3200
--- Comment #2 from kircher <kircherlike at outlook.com> ---
Maybe we can prevent this by configuring the mandatory command.
A simple example is:
ForceCommand if [[ -z $SSH_ORIGINAL_COMMAND ]];then exec /bin/bash
-il;elif [[ -z "$(echo $SSH_ORIGINAL_COMMAND | grep scp | grep '`')"
]];then exec /bin/bash -c "$SSH_ORIGINAL_COMMAND";else echo backquote
not allow in scp;fi
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list