我有一个运行Subversion和Mercurial服务的ssh框.在连接到此框时,脚本将验证用户是否仅运行mercurial或svn相关命令:
#!/bin/bash # # Verify that the requested command is an svnserve call. # # Note that sshd stores the command requested by the client in # the variable "SSH_ORIGINAL_COMMAND". echo $SSH_ORIGINAL_COMMAND | grep -E '^hg -R' ISHG=$? if [[ $SSH_ORIGINAL_COMMAND = "svnserve -t" || $ISHG -eq 0 ]] then exec $SSH_ORIGINAL_COMMAND else echo "You are only allowed svn access to this server." fi
问题是,hg验证不是很干净或安全.如果我在远程ssh命令中包含反引号,则“echo $SSH_ORIGINAL_COMMAND”行将很乐意执行它.有没有人有任何建议清理这一点?
谢谢!
是啊.不要使用shell.用一种语言编写一个程序,这个语言可以确保它将要执行的唯一二进制文件是白名单.