sftp: Add "PermitLocalCommand no" to the OpenSSH commandline

Add "PermitLocalCommand no" to the OpenSSH commandline to prevent user-configured commands running and interfering with the sftp session. This is what the OpenSSH sftp client does. https://bugzilla.gnome.org/show_bug.cgi?id=639599
author: Ross Lagerwall <rosslagerwall@gmail.com> 2013-11-14 16:50:46 +0200
committer: Ross Lagerwall <rosslagerwall@gmail.com> 2013-11-15 16:57:30 +0200
commit: 100dbd9a53efc0dd18a6e0f9dc7083ed584ffbee (patch)
tree: 0fb018674cd3e9c9287748f4ba7d26c4db21d3dd
parent: 66f204655a7ca44a20dea2dae267c456c714c4af (diff)
download: gvfs-100dbd9a53efc0dd18a6e0f9dc7083ed584ffbee.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/daemon/gvfsbackendsftp.c b/daemon/gvfsbackendsftp.c
index 99bfd5a7..23d5b00e 100644
--- a/daemon/gvfsbackendsftp.c
+++ b/daemon/gvfsbackendsftp.c
@@ -435,6 +435,7 @@ setup_ssh_commandline (GVfsBackend *backend)
     {
       args[last_arg++] = g_strdup ("-oForwardX11 no");
       args[last_arg++] = g_strdup ("-oForwardAgent no");
+      args[last_arg++] = g_strdup ("-oPermitLocalCommand no");
       args[last_arg++] = g_strdup ("-oClearAllForwardings yes");
       args[last_arg++] = g_strdup ("-oProtocol 2");
       args[last_arg++] = g_strdup ("-oNoHostAuthenticationForLocalhost yes");
author	Ross Lagerwall <rosslagerwall@gmail.com>	2013-11-14 16:50:46 +0200
committer	Ross Lagerwall <rosslagerwall@gmail.com>	2013-11-15 16:57:30 +0200
commit	100dbd9a53efc0dd18a6e0f9dc7083ed584ffbee (patch)
tree	0fb018674cd3e9c9287748f4ba7d26c4db21d3dd
parent	66f204655a7ca44a20dea2dae267c456c714c4af (diff)
download	gvfs-100dbd9a53efc0dd18a6e0f9dc7083ed584ffbee.tar.gz