L A Walsh
2019-Sep-03 20:47 UTC
running ~/.ssh/rc doesn't use users shell or file's interpreter (Security issue?)
I have an rc script and ran across what appears to be a bug. In the rc script, I have the start line: #!/bin/bash, as well as it seems to ignore the user's shell. While one might argue that 'rc' is not executed, but sourced, at the very least it seems it should use the user's listed shell. If I have a user setup with 'rbash', 'rsh', for example, ssh would seem to ignore that and use /bin/sh.
Damien Miller
2019-Sep-05 07:17 UTC
running ~/.ssh/rc doesn't use users shell or file's interpreter (Security issue?)
On Tue, 3 Sep 2019, L A Walsh wrote:> I have an rc script and ran across what appears to be a bug. > > In the rc script, I have the start line: > #!/bin/bash, as well as it seems to ignore the user's shell. > > While one might argue that 'rc' is not executed, but sourced, > at the very least it seems it should use the user's listed > shell. > > If I have a user setup with 'rbash', 'rsh', for example, > ssh would seem to ignore that and use /bin/sh.The user rc file is actually run using the user's shell since 2001, though indirectly:> snprintf(cmd, sizeof cmd, "%s -c '%s %s'", > shell, _PATH_BSHELL, _PATH_SSH_USER_RC); > f = popen(cmd, "w");So restricted shells do have a chance to intervene. I don't think it would be possible to change how this is executed as doing so would potentially break a bunch of working setups in difficult to debug ways. -d