SSH can strangely handle spaces in command line arguments
One of the things ssh can do is run a command on a remote server. Most of us expect it to work transparently, just passing the command and its arguments without any surprises in the process. But after 23 years of almost daily use of OpenSSH, [Martin Kjellstrand] was surprised.
It turns out that the usual rules for how things are parsed can have awkward edge cases when spaces are involved. [Martin] runs an example like this:
One would reasonably expect the commands figlet foobar bar\baz and ssh localhost figlet foobar bar\baz to be functionally equivalent, right? The first finally executes the "figlet" command with the arguments "foobar" and "bar baz" on the local machine. The second does the same, except ssh is involved in the middle. As mentioned, one would expect the two commands to be functionally identical, but that is not what happens. What happens is that ssh turns bar\baz into two separate command line arguments during the send-for-execution process: "bar" and "baz". The result is a spoof because the command does not run as expected by the user, if it runs at all.
What exactly is going on here? [Martin] extensively details this strange behavior and how it occurs, but ultimately fails to explain why ssh does things the way it does. He suspects it's the result of a design decision made a long time ago. Or maybe a bug that over time has been promoted to ingrained quirk.
Do you have any ideas or knowledge about this behavior? If so, [Martin] wants to hear about it and so do we, so don't keep it to yourself! Let us know in the comments below.
One of the things ssh can do is run a command on a remote server. Most of us expect it to work transparently, just passing the command and its arguments without any surprises in the process. But after 23 years of almost daily use of OpenSSH, [Martin Kjellstrand] was surprised.
It turns out that the usual rules for how things are parsed can have awkward edge cases when spaces are involved. [Martin] runs an example like this:
One would reasonably expect the commands figlet foobar bar\baz and ssh localhost figlet foobar bar\baz to be functionally equivalent, right? The first finally executes the "figlet" command with the arguments "foobar" and "bar baz" on the local machine. The second does the same, except ssh is involved in the middle. As mentioned, one would expect the two commands to be functionally identical, but that is not what happens. What happens is that ssh turns bar\baz into two separate command line arguments during the send-for-execution process: "bar" and "baz". The result is a spoof because the command does not run as expected by the user, if it runs at all.
What exactly is going on here? [Martin] extensively details this strange behavior and how it occurs, but ultimately fails to explain why ssh does things the way it does. He suspects it's the result of a design decision made a long time ago. Or maybe a bug that over time has been promoted to ingrained quirk.
Do you have any ideas or knowledge about this behavior? If so, [Martin] wants to hear about it and so do we, so don't keep it to yourself! Let us know in the comments below.
What's Your Reaction?
![Three of ID's top PR executives quit ad firm Powerhouse [EXCLUSIVE]](https://variety.com/wp-content/uploads/2023/02/ID-PR-Logo.jpg?#){kind=logo}
