setting current dir of remote shell
Peter Stuge
stuge-openssh-unix-dev at cdy.org
Tue May 1 02:21:36 EST 2007
On Mon, Apr 30, 2007 at 09:36:50AM -0600, Bob Proulx wrote:
> > > I wish ssh had an option (e.g. -oCommanShell=/bin/sh)
> >
> > That would allow the client to circumvent any security policy
> > usually enforced by the shell on the server, which is a rather
> > bad idea.
>
> Uhm... Why? I don't understand. (But I can appreciate that a
> naive implementation may create problems.)
>
> Normally a user can invoke any arbitrary command on a remote
> machine.
Mh, well, no, not unless the shell permits it.
Both "exec" and "shell" in the SSH protocol use the user's shell to
run the command.
This is utilized by restricted shells.
//Peter
More information about the openssh-unix-dev
mailing list