setting current dir of remote shell
Bob Proulx
bob at proulx.com
Tue May 1 01:36:50 EST 2007
Peter Stuge wrote:
> Bob Proulx wrote:
> > I wish ssh had an option (e.g. -oCommanShell=/bin/sh)
>
> That would allow the client to circumvent any security policy usually
> enforced by the shell on the server, which is a rather bad idea.
Uhm... Why? I don't understand. (But I can appreciate that a naive
implementation may create problems.)
Normally a user can invoke any arbitrary command on a remote machine.
Invoking /bin/sh is just another command at that point. It will
either be allowed or it won't be allowed by the security policy
enforced on the server. Therefore I don't understand the issue as
raised. I don't see how in principle this would circumvent the server
security policy.
Bob
More information about the openssh-unix-dev
mailing list