restricted-ssh-commands regex check is not properly escaped
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
restricted-ssh-commands (Ubuntu) | Invalid | Undecided | Unassigned |
Bug Description
Since valid commands are matched by "[[ "${SSH_
For example, if one of the match rules is "$. || 1", even though "$." is impossible to match, the logical or is evaluated and always returns true (match/valid) due to the "1".
ProblemType: Bug
DistroRelease: Ubuntu 20.04
Package: restricted-
ProcVersionSign
Uname: Linux 5.4.0-70-generic x86_64
ApportVersion: 2.20.11-
Architecture: amd64
CasperMD5CheckR
Date: Sun Apr 4 00:56:14 2021
Dependencies:
InstallationDate: Installed on 2020-04-13 (355 days ago)
InstallationMedia: Ubuntu 18.04.4 LTS "Bionic Beaver" - Release amd64 (20200203.1)
PackageArchitec
ProcEnviron:
TERM=xterm-
PATH=(custom, no user)
LANG=es_ES.UTF-8
SHELL=/bin/bash
SourcePackage: restricted-
UpgradeStatus: Upgraded to focal on 2020-05-06 (332 days ago)
Changed in restricted-ssh-commands (Ubuntu):
status: New → Incomplete
information type: Private Security → Public Security
Hello Miguel, can you give a concrete example to demonstrate the issue?
The bash(1) manpage and the wooledge bash wiki give me the strong impression that the variable containing the regex should *not* be quoted:
http://mywiki.wooledge.org/BashPitfalls#if_.5B.5B_.24foo_.3D.2BAH4_.27some_RE.27_.5D.5D
The quotes around the right-hand side of the =~ operator cause it to become a string, rather than a RegularExpression. If you want to use a long or complicated regular expression and avoid lots of backslash escaping, put it in a variable:
re='some RE'
if [[ $foo =~ $re ]]
This also works around the difference in how =~ works across different versions of bash. Using a variable avoids some nasty and subtle problems.
http://manpages.ubuntu.com/manpages/focal/man1/bash.1.html
brackets. If the pattern is stored in a shell variable,
quoting the variable expansion forces the entire pattern to
be matched as a string. Substrings matched by parenthesized
Thanks
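The quoting behaviour described in the wiki and manpage excerpts above, as an added example that is not part of the bug report or of the restricted-ssh-commands source. The function names, rules and sample commands are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: helper names, rules and commands below are constructed.
[ -n "$BASH_VERSION" ] || exec bash "$0" "$@"   # [[ =~ ]] is bash-only

# Unquoted expansion: the rule is compiled as a POSIX extended regex.
# The expanded text is not re-parsed by the shell, so '|' inside the
# rule is regex alternation, not a shell operator.
match_regex() {
    local cmd=$1 rule=$2
    [[ $cmd =~ $rule ]]
}

# Quoted expansion: every character of the rule is taken literally, so
# '^' and '$' stop being anchors and the test becomes a substring match.
match_literal() {
    local cmd=$1 rule=$2
    [[ $cmd =~ "$rule" ]]
}

# Print the index of the first rule that allows cmd; status 1 if none does.
first_allowing_rule() {
    local cmd=$1; shift
    local i=0 rule
    for rule in "$@"; do
        if match_regex "$cmd" "$rule"; then
            echo "$i"
            return 0
        fi
        i=$((i + 1))
    done
    return 1
}

# Constructed rule set: one anchored pattern, one anchored alternation.
RULES=(
    '^scp -t /srv/upload/[A-Za-z0-9._-]+$'
    '^uptime$|^df -h$'
)
```

With the unquoted form, an anchored rule rejects a command such as `uptime; id`, while the quoted form would reject plain `uptime` and accept any command that contains the literal text `^uptime$`.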