SSH_AUTH_SOCK is not sanitized for eval
Closed this issue · 0 comments
cuviper commented
If you run something like `ssh-pageant -a "foo bar"`, you'll get back `SSH_AUTH_SOCK=foo bar; export SSH_AUTH_SOCK;`. When that's fed into `eval` as commonly suggested, the shell will complain `bar: command not found`, because the space broke up the command string.
This can be a real issue if you try to use something like `$LOCALAPPDATA/foo`, because Cygwin will let that Windows-style path work within ssh-pageant, but the `eval` will interpret backslashes in `C:\Users\...` as shell escapes.
It really ought to be quoted, probably single quotes with extra handling in case the path includes single quotes itself.
FWIW, ssh-agent also doesn't quote anything, but I can't think of any good reason not to.
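The quoting the comment above asks for, as an added example (not ssh-pageant's or ssh-agent's own code): a single-quote wrapper that also copes with a single quote inside the path, an emitter that prints the `SSH_AUTH_SOCK=...; export SSH_AUTH_SOCK;` snippet in that form, and a round-trip through `eval` to show that the quoted form survives spaces and backslashes while the unquoted form does not. `shell_quote`, `emit_auth_sock`, `roundtrip` and `unquoted_roundtrip` are hypothetical names chosen for this example, and the sample paths are constructed here.

```shell
#!/bin/sh
# Added example, not ssh-pageant's code. Shows why the emitted snippet
# should be single-quoted before it is handed to eval.

# Wrap a string in single quotes. Nothing is special inside single quotes,
# so the only character that needs handling is the single quote itself:
# close the quote, add a backslash-escaped quote, reopen the quote ('\'').
shell_quote() {
    printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# What a fixed "ssh-pageant -a PATH" would print: the value single-quoted.
emit_auth_sock() {
    printf 'SSH_AUTH_SOCK=%s; export SSH_AUTH_SOCK;\n' "$(shell_quote "$1")"
}

# Feed the quoted snippet to eval in a subshell and report the value the
# shell actually ended up with. Expected: identical to the input.
roundtrip() {
    (
        unset SSH_AUTH_SOCK
        eval "$(emit_auth_sock "$1")"
        printf '%s' "$SSH_AUTH_SOCK"
    )
}

# The current, unquoted behaviour described in the issue, for comparison.
# "foo bar" runs a command named bar with SSH_AUTH_SOCK=foo in its
# environment only, so the variable is never set in the shell; backslashes
# in C:\Users\... are consumed as escapes. stderr carries the complaint.
unquoted_roundtrip() {
    (
        set +e
        unset SSH_AUTH_SOCK
        eval "SSH_AUTH_SOCK=$1; export SSH_AUTH_SOCK;"
        printf '%s' "$SSH_AUTH_SOCK"
    )
}

# Stand-alone demo over constructed sample paths (a space, backslashes,
# and an embedded single quote).
for path in 'foo bar' 'C:\Users\me\sock' "C:\Users\o'brien\sock"; do
    printf 'input:    %s\n' "$path"
    printf 'unquoted: %s\n' "$(unquoted_roundtrip "$path" 2>/dev/null)"
    printf 'quoted:   %s\n' "$(roundtrip "$path")"
done
```

`printf '%s'` is used throughout rather than `echo`, since some `echo` implementations interpret backslashes themselves and would corrupt the Windows path a second time before it ever reached `eval`.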