
Re: how to make Debian less fragile (long and philosophical)



* Steve Willer said:

> > > Nope. ssh invokes the command you request by calling your shell, 
> > > with the '-c' argument, so if your shell is dynamically linked, sh 
> > > will fail to exec it, and your command (sash) won't get run.
> > No, ssh invokes either an interactive shell or the command specified on the
> > command line.
> 
> Actually, this is kinda interesting. I just tried it out, and I couldn't
> execute /bin/sash via ssh on my own account. I got two errors about libc
> missing.
Hmm... I just did it with ssh2 and the following command line:

ssh2 -t grendel@jester.vip.net.pl /bin/sash

No errors and no problems at all.
 
> My root account has the default .profile, I think, and I was able to
> convince it to run sash. I had to use ssh's -t parameter to make it work.
Yes, it is needed so that you can see the prompt - an interactive shell must
have a controlling terminal.

> I got one libc error, but it continued. I can only assume ssh is executing
> your startup files with bash but perhaps not running the command through
> bash?
No. ssh doesn't execute anything except what you specified on the command
line. I put echos in all the startup files (sash reads only .aliasrc AFAIR
and not any other config file) and none of them showed up. The only process
running on the allocated terminal was sash. ssh forks and then execs
directly what you typed on the command line.

> The difference between the two users, as far as I can tell, is that my
> user's .bash_profile says:
> 
>    . ~/.bashrc
sash, AFAIK, is unable to source files using . (dot)

> I guess this is what locked me out.
> 
> The conclusion, then, is that it is possible to get into a system that has
> sash installed but isn't using sash as root's prompt...if you're very
> careful about your startup script.
No, I think the startup script doesn't matter...


marek
