Call for testing: OpenSSH 7.6

Damien Miller djm at mindrot.org
Sat Sep 30 10:18:58 AEST 2017


On Fri, 29 Sep 2017, Darren Tucker wrote:

> On 29 September 2017 at 15:47, Damien Miller <djm at mindrot.org> wrote:
> > On Fri, 29 Sep 2017, Iain Morgan wrote:
> >
> >> Actually, according to OpenBSD's printenv(1) man page, it first appeared
> >> in 2BSD. The man page on OS X claims it was BSD 3.0. However, it doesn't
> >> appear to be part of any standard.
> 
> Of the systems I have available here: the BSDs, Linux and AIX have it.
> Solaris doesn't have it in the standard path but it is in /usr/ucb.
> 
> >> Your suggestion ran into the same issue as the original test, but
> >> escaping the evaluation by the user's shell appears to work:
> >>
> >> 'test -z `sh -c "echo \$SSH_USER_AUTH"`' || fail "SSH_USER_AUTH present"
> 
> Well, escaping something for the user's shell depends on the shell's
> escaping rules.
> 
> > How about:
> 
> Or how about we do the escaping on the client side where we know what
> the rules are and feed it to /bin/sh over stdin?  Then it shouldn't
> matter what the shell is.
> 
> test -z $(echo 'echo $SSH_USER_AUTH' | env SSH_USER_AUTH=blah ${SSH} -F \
>        $OBJ/ssh_proxy x /bin/sh) || fail "SSH_USER_AUTH present"

All the escaping is on the client side in my patch; what gets sent is:

exec sh -c 'test -z "$SSH_USER_AUTH"'

which is IMO pretty unambiguous.

-d
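
The message above shows the exact string that is sent after client-side quoting. As an added example (not from the patch or the OpenSSH regression suite), the script below hands that string to a stand-in login shell and contrasts it with a constructed variant that the client's shell expands before sending. The names `server_run`, `check`, `WIRE_QUOTED` and `WIRE_EXPANDED` and the sample value are assumptions, and /bin/sh plays the login shell.

```shell
#!/bin/sh
# Added illustration; all function and variable names here are made up.

# Stand-in for the server side: the received string is handed to the account's
# login shell with -c. /bin/sh plays the login shell (assumption).
# $1 = SSH_USER_AUTH value in the session ("" means unset), $2 = string as sent.
server_run() (
    if [ -n "$1" ]; then
        SSH_USER_AUTH=$1; export SSH_USER_AUTH
    else
        unset SSH_USER_AUTH
    fi
    /bin/sh -c "$2"
)

# Form from the message: the single quotes reach the server intact, so only
# the inner sh expands $SSH_USER_AUTH, using the session's environment.
WIRE_QUOTED="exec sh -c 'test -z \"\$SSH_USER_AUTH\"'"

# Contrast (constructed): double quotes let the *client* shell expand the
# variable before sending. With it unset on the client this is: test -z ""
WIRE_EXPANDED=$(unset SSH_USER_AUTH; printf '%s' "test -z \"$SSH_USER_AUTH\"")

# Report what a wire string concludes about a constructed server session.
check() {
    if server_run "$1" "$2"; then echo "absent"; else echo "present"; fi
}

SAMPLE='/tmp/sshauth.constructed'   # constructed sample value
echo "sent: $WIRE_QUOTED"
echo "variable unset in session       -> $(check '' "$WIRE_QUOTED")"
echo "variable set in session         -> $(check "$SAMPLE" "$WIRE_QUOTED")"
echo "set, client-expanded string     -> $(check "$SAMPLE" "$WIRE_EXPANDED")"
```

The last line reports "absent" even though the variable is set in the session, because the client-expanded string tests the client's environment rather than the server's.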

