Is this exploitable? And if so is there a CVE to rectify it?
From the article:
The ssh manpage vaguely alludes to this behaviour with the following sentence: If a command is specified, it will be executed on the remote host instead of a login shell. A complete command line may be specified as command, or it may have additional arguments. If supplied, the arguments will be appended to the command, separated by spaces, before it is sent to the server to be executed.
The sentence I’m referring to is If supplied, the arguments will be appended to the command, separated by spaces, but to my mind it is very unclear and fails to convey the fact that ssh does its own expansion of command line arguments containing spaces themselves.”
$10 for the tape and make sure you have an exact knife and a steady hand. Super worth it
Maybe it’s just a test like bernie’s proposal to tax a higher rate after 999 million annual income. No one makes that but why would they not pass that into law?
I’m all over the board on this one. I’ll just take my adhd diagnosis and scurry along my way
@Virgo
@lemmy.world