command [argument ...] in ssh(1): a footgun
Thorsten Glaser
t.glaser at tarent.de
Sat May 27 08:08:43 AEST 2023
On Fri, 26 May 2023, Mingye Wang (Artoria2e5) wrote:
> ssh(1) currently affords an argument-passing functionality, but as the manpage
> states, all arguments are simply concatenated by space.
How else would it do that? The arguments are processed by the
shell first then passed as an array of NUL-terminated strings.
> The modest proposal is that we put a giant CAVEATS section in the manual page.
That might be useful indeed.
> The less modest one is we throw out the "[argument ...]" part altogether. It
Absolutely not. This will break about all uses of ssh in existence.
> What about escaping the arguments? Nobody said the user has to use a POSIX
Absolutely not. This will break almost all uses of ssh in existence.
bye,
//mirabilos
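The double parsing discussed in this thread, as an added example that is not part of the original message or of OpenSSH: the local shell builds the argv, the arguments are joined by space, and the remote shell parses the joined string again. `fake_ssh` and `sq_quote` are hypothetical helpers; `sh -c` stands in for the remote side on the assumption that the remote login shell is a POSIX sh.

```shell
#!/bin/sh
# Model of "ssh host command [argument ...]": ssh joins the local argv with
# single spaces and the remote user's shell parses the resulting string again.
# No connection is made; `sh -c` stands in for the remote side (assumption:
# the remote login shell is a POSIX sh).

# fake_ssh: hypothetical stand-in for "ssh host", not part of OpenSSH.
fake_ssh() {
    joined="$*"          # default IFS: arguments concatenated by space
    sh -c "$joined"      # second round of shell parsing on the "remote" side
}

# sq_quote: wrap one argument in single quotes so a POSIX shell reads it back
# as exactly one word; embedded single quotes become '\''.
sq_quote() {
    s=$1 out= q="'"
    while :; do
        case $s in
            *"$q"*) out=$out${s%%"$q"*}$q\\$q$q; s=${s#*"$q"} ;;
            *)      break ;;
        esac
    done
    printf '%s' "$q$out$s$q"
}

# Naive call: the local shell already removed the quotes, so the remote
# shell sees two words and the run of spaces is lost.
naive() { fake_ssh printf %s: "$1"; }

# Quoted call: each argument is re-quoted for the second parse.
quoted() { fake_ssh printf %s: "$(sq_quote "$1")"; }

# Constructed sample arguments.
naive  'two  words'; echo     # two:words:
quoted 'two  words'; echo     # two  words:
quoted "it's here";  echo     # it's here:
```

The quoting helper is only valid for POSIX-style remote shells; a remote account with a different login shell needs that shell's own quoting rules.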