With bash
or ksh
as /bin/sh
If your remote /bin/sh
is provided by bash or ksh, you can safely do the following with an untrusted argument list, such that even malicious names (like $(rm -rf $HOME).txt
) can be passed as arguments safely:
runRemote() {
local args script
script=$1; shift
# generate eval-safe quoted version of current argument list
printf -v args '%q ' "$@"
# pass that through on the command line to bash -s
# note that $args is parsed remotely by /bin/sh, not by bash!
ssh user@remote-addr "bash -s -- $args" < "$script"
}
...thereafter:
runRemote test.sh testparam
With Any POSIX-Compliant /bin/sh
Note that the following still needs to be run in bash
, but will work correctly when the system being ssh
'd into has a /bin/sh
that is POSIX-baseline, so long as the remote machine has bash installed.
To be safe against sufficiently malicious argument data (attempting to take advantage of the non-POSIX compliant quoting used by printf %q
in bash when nonprintable characters are present in the string being escaped) even with a /bin/sh
that is baseline-POSIX (such as dash
or ash
), it gets a bit more interesting:
runRemote() {
local script=$1; shift
local args
printf -v args '%q ' "$@"
ssh user@remote-addr "bash -s" <<EOF
# pass quoted arguments through for parsing by remote bash
set -- $args
# substitute literal script text into heredoc
$(< "$script")
EOF
}
Similarly invoked as:
runRemote test.sh testparam
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…