[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Can someone explain this?
|
From: |
Maarten Billemont |
|
Subject: |
Re: Can someone explain this? |
|
Date: |
Sat, 12 Feb 2011 20:14:28 +0100 |
On 12 Feb 2011, at 09:28, Andreas Schwab wrote:
>
> Bob Proulx <bob@proulx.com> writes:
>
>> Dennis Williamson wrote:
>>> Yes, do your quoting like this:
>>> ssh localhost 'bash -c "cd /tmp; pwd"'
>>
>> I am a big fan of piping the script to the remote shell.
>>
>> $ echo "cd /tmp && pwd" | ssh example.com bash
>> /tmp
>
> Even better:
>
> $ ssh example.com bash <<\EOF
> cd /tmp && pwd
> EOF
>
> That avoids having to watch out for ' vs " quoting.
>
> Andreas.
The trouble with using stdin is that it becomes much harder to pass user data.
If it's simple strings, one might be tempted to expand them instead:
ssh example.com bash <<EOF
cd "$remoteDir" && pwd
EOF
But that would be a really bad idea, since you're injecting data into bash code
(if you don't see it yet, imagine a user forces remoteDir to contain mypath";
rm -rf ~; : "). The only sane way I can think of to solve this problem in a
generically applicable fashion, is to use a construct such as:
ssh example.com bash <<< "$(printf 'cd %q; pwd' "$remoteDir")"
- Can someone explain this?, Jon Seymour, 2011/02/11
- Re: Can someone explain this?, Jon Seymour, 2011/02/11
- Re: Can someone explain this?, Dennis Williamson, 2011/02/11
- Re: Can someone explain this?, Jon Seymour, 2011/02/11
- Re: Can someone explain this?, Dennis Williamson, 2011/02/11
- Re: Can someone explain this?, Bob Proulx, 2011/02/12
- Re: Can someone explain this?, Jon Seymour, 2011/02/12
- Re: Can someone explain this?, Andreas Schwab, 2011/02/12
- Re: Can someone explain this?,
Maarten Billemont <=