command [argument ...] in ssh(1): a footgun

Thorsten Glaser t.glaser at tarent.de
Sun May 28 12:58:47 AEST 2023


On Sun, 28 May 2023, raf wrote:

>> >  "so any spaces in individual arguments must be
>> 
>> Must they? No, a single space will do just fine.
>
>They do if you want the receiving shell to not interpret
>the space as a separator between arguments.

Nope.

tg at caas:~ $ echo foo >'a   b'
tg at caas:~ $ ^D
Connection to caas[…] closed.        

$ ssh caas cat \'a \  b\'
foo

Nothing special about explicit space vs. implicit space by
argument separator here. On the recipient side, the entire
argument vector is just space-joined into one string then
passed to the (remote)local shell. Where the space comes
from is irrelevant.

>> has the effect you want; the first backslash is eaten by the
>> local shell.
>
>Perhaps that depends on the local shell.

Yes, I had a different one in mind with this, see the other mail.
POSIX does guarantee this (even though it still “feels wrong” to
me).

>That wasn't one of my examples. That wouldn't work for
>a file "a  b", as you say.

See above. For "a  b" you could use \'a \ b\'.

>> the opposite effect. I’d rather give a short line there, with a
>> reference to .Sx CAVEATS below.
>
>Yes, as long as it explicitly refers the reader to CAVEAT.

That’s what .Sx does, though such an explicit reference is
only appropriate in the most dire cases. (Given what I’ve
seen able shell quoting, this does count.)

bye,
//mirabilos
-- 
Infrastrukturexperte • tarent solutions GmbH
Am Dickobskreuz 10, D-53121 Bonn • http://www.tarent.de/
Telephon +49 228 54881-393 • Fax: +49 228 54881-235
HRB AG Bonn 5168 • USt-ID (VAT): DE122264941
Geschäftsführer: Dr. Stefan Barth, Kai Ebenrett, Boris Esser, Alexander Steeg

                        ****************************************************
/⁀\ The UTF-8 Ribbon
╲ ╱ Campaign against      Mit dem tarent-Newsletter nichts mehr verpassen:
 ╳  HTML eMail! Also,     https://www.tarent.de/newsletter
╱ ╲ header encryption!
                        ****************************************************


More information about the openssh-unix-dev mailing list