From ffe27e54a4bb18d5d3bbd3f4cc93a41b8d94dfd2 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 4 Oct 2023 04:03:50 +0000 Subject: upstream: add some cautionary text about % token expansion and shell metacharacters; based on report from vinci AT protonmail.ch OpenBSD-Commit-ID: aa1450a54fcee2f153ef70368d90edb1e7019113 --- ssh_config.5 | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/ssh_config.5 b/ssh_config.5 index 7f64c2cf..367305d2 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.386 2023/08/28 09:52:09 djm Exp $ -.Dd $Mdocdate: August 28 2023 $ +.\" $OpenBSD: ssh_config.5,v 1.387 2023/10/04 04:03:50 djm Exp $ +.Dd $Mdocdate: October 4 2023 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -2206,6 +2206,16 @@ accepts all tokens. and .Cm ProxyJump accept the tokens %%, %h, %n, %p, and %r. +.Pp +Note that some of these directives build commands for execution via the shell. +Because +.Xr ssh 1 +performs no filtering or escaping of characters that have special meaning in +shell commands (e.g. quotes), it is the user's reposibility to ensure that +the arguments passed to +.Xr ssh 1 +do not contain such characters and that tokens are appropriately quoted +when used. .Sh ENVIRONMENT VARIABLES Arguments to some keywords can be expanded at runtime from environment variables on the client by enclosing them in -- cgit v1.2.3
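Review bot: typo in the second hunk of ssh_config.5, "it is the user's reposibility to ensure that" should read "responsibility". While touching that paragraph, it would help readers to say which directives "build commands for execution via the shell" rather than leaving "some of these directives" implicit, and to illustrate what "tokens are appropriately quoted when used" means in practice, e.g. writing a token as '%h' inside single quotes in a ProxyCommand so that a hostname or username containing quotes, spaces or other shell metacharacters cannot break out of the argument. The parenthetical "(e.g. quotes)" could also list the other characters the shell treats specially (spaces, $, backticks, ;, |, &), since a reader who only strips quotes from untrusted input would still be exposed.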