BUG?: Assigning a Perl script as user shell + sending commands on ssh connect

Brandon Simmons brandon.m.simmons at gmail.com
Fri Jul 27 13:46:37 EST 2007


On 7/26/07, Darren Tucker <dtucker at zip.com.au> wrote:
> On Thu, Jul 26, 2007 at 06:30:03PM -0400, Brandon Simmons wrote:
> > Hi,
> > This is sort of a strange issue. But I am experimenting with ways to
> > have a user log in and be presented with a perl script to interact
> > with. When I do either or both of the following:
> >
> >      1) set the user's shell to /usr/bin/myperlscript
> >
> >      2) specify ForceCommand /usr/bin/myperlscript, applied to my user
> >
> > ...I get strange behavior when a command is appended to the client
> > connect command in this way:
> >
> >      ssh -l user 192.168.1.2 ls /etc
> >
> > The output from the perl script is not printed immediately but waits
> > for a carriage return from the user before it is printed to the
> > screen> Here is an example using a test perl script:
> [...]
> > You can see that what I type is taken as <STDIN> by the script, so I
> > guess the output is stuck in a buffer somewhere. not sure if this is a
> > bug in OpenSSH or a perl oddity. Or maybe I really shouldn't be
> > setting my user's shell to be a script.
>
> Try setting stdin/out to unbuffered in your perl script:
>
>         select STDERR; $| = 1;
>         select STDOUT; $| = 1;
>
> --
> Darren Tucker (dtucker at zip.com.au)
> GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
>     Good judgement comes with experience. Unfortunately, the experience
> usually comes from bad judgement.
>

Thanks, that did it. While we're on the subject, is what I'm doing
with setting a user's shell to a perl script a kosher thing to do. Are
there any security problems that you know of? I've been trying to
break it, but haven't been able to at this point.

thanks


More information about the openssh-unix-dev mailing list