command [argument ...] in ssh(1): a footgun
Peter Stuge
peter at stuge.se
Tue May 30 04:35:34 AEST 2023
raf wrote:
> Not knowing the details of each user's login shell is
> precisely the reason that ssh couldn't ever do the
> quoting itself.
The footgun is unrelated to shells.
The SSH_MSG_CHANNEL_REQUEST protocol message for "exec" (RFC 4254)
channels which are used to run a single remote command contains
exactly one string for the command.
sshd (see bottom of do_child() in session.c) runs that command string as:
remote_users_shell -c command
//Peter
More information about the openssh-unix-dev
mailing list