Since valid commands are match by "[[ "${SSH_ORIGINAL_COMMAND-}" =~ $line ]]" and "$line" is not quoted, it can cause undesired effects.
For example if one of the match rules is "$. || 1", even though "$." is impossible to match, the logical or is evaluated and always return true (match/valid) due to the "1".
ProblemType: Bug
DistroRelease: Ubuntu 20.04
Package: restricted-ssh-commands 0.4-1
ProcVersionSignature: Ubuntu 5.4.0-70.78-generic 5.4.94
Uname: Linux 5.4.0-70-generic x86_64
ApportVersion: 2.20.11-0ubuntu27.16
Architecture: amd64
CasperMD5CheckResult: skip
Date: Sun Apr 4 00:56:14 2021
Dependencies:
InstallationDate: Installed on 2020-04-13 (355 days ago)
InstallationMedia: Ubuntu 18.04.4 LTS "Bionic Beaver" - Release amd64 (20200203.1)
PackageArchitecture: all
ProcEnviron:
TERM=xterm-256color
PATH=(custom, no user)
LANG=es_ES.UTF-8
SHELL=/bin/bash
SourcePackage: restricted-ssh-commands
UpgradeStatus: Upgraded to focal on 2020-05-06 (332 days ago)
Hello Miguel, can you give a concrete example to demonstrate the issue?
The bash(1) manpage and the wolledge bash wiki give me the strong impression that the variable containing the regex should *not* be quoted:
http://
The quotes around the right-hand side of the =~ operator cause it to become a string, rather than a RegularExpression. If you want to use a long or complicated regular expression and avoid lots of backslash escaping, put it in a variable:
re='some RE'
if [[ $foo =~ $re ]]
This also works around the difference in how =~ works across different versions of bash. Using a variable avoids some nasty and subtle problems.
http://
brackets. If the pattern is stored in a shell variable,
quoting the variable expansion forces the entire pattern to
be matched as a string. Substrings matched by parenthesized
Thanks