diff options
author | Ross Lagerwall <rosslagerwall@gmail.com> | 2013-11-14 16:50:46 +0200 |
---|---|---|
committer | Ross Lagerwall <rosslagerwall@gmail.com> | 2013-11-15 16:57:30 +0200 |
commit | 100dbd9a53efc0dd18a6e0f9dc7083ed584ffbee (patch) | |
tree | 0fb018674cd3e9c9287748f4ba7d26c4db21d3dd | |
parent | 66f204655a7ca44a20dea2dae267c456c714c4af (diff) | |
download | gvfs-100dbd9a53efc0dd18a6e0f9dc7083ed584ffbee.tar.gz |
sftp: Add "PermitLocalCommand no" to the OpenSSH commandline
Add "PermitLocalCommand no" to the OpenSSH commandline to prevent
user-configured commands running and interfering with the sftp session.
This is what the OpenSSH sftp client does.
https://bugzilla.gnome.org/show_bug.cgi?id=639599
-rw-r--r-- | daemon/gvfsbackendsftp.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/daemon/gvfsbackendsftp.c b/daemon/gvfsbackendsftp.c index 99bfd5a7..23d5b00e 100644 --- a/daemon/gvfsbackendsftp.c +++ b/daemon/gvfsbackendsftp.c @@ -435,6 +435,7 @@ setup_ssh_commandline (GVfsBackend *backend) { args[last_arg++] = g_strdup ("-oForwardX11 no"); args[last_arg++] = g_strdup ("-oForwardAgent no"); + args[last_arg++] = g_strdup ("-oPermitLocalCommand no"); args[last_arg++] = g_strdup ("-oClearAllForwardings yes"); args[last_arg++] = g_strdup ("-oProtocol 2"); args[last_arg++] = g_strdup ("-oNoHostAuthenticationForLocalhost yes"); |