Yep.
Here's a patch. This catches the case of mistyping the "-i" argument into
anything else, and also catches the generic case of any extra arguments.
$ diff -U 2 /usr/bin/ssh-copy-id /tmp/ssh-copy-id
--- /usr/bin/ssh-copy-id 2010-08-10 04:36:09.000000000 +0100
+++ /tmp/ssh-copy-id 2011-08-31 23:38:38.052511425 +0100
@@ -25,4 +25,9 @@
fi
+if [ $# -gt 1 ]; then
+ echo "Usage: ssh-copy-id [-i id_file] [user@]machine" 1>&2
+ exit 1;
+fi
+
if [ -z "`eval $GET_ID`" ] && [ -r "${ID_FILE}" ] ; then
GET_ID="cat ${ID_FILE}"
On 08/31/2011 11:01 PM, Serge Hallyn wrote:
> Thanks for taking the time to report this bug. I trivially confirmed it
> with your example. I was thinking it was corrupting the
> authorized_keys, but as it isn't, and as the garbled response is
> reasonably obviously an indication of an error, I will mark priority
> low.
>
> ** Changed in: openssh (Ubuntu)
> Importance: Undecided => High
>
> ** Changed in: openssh (Ubuntu)
> Status: New => Confirmed
>
> ** Changed in: openssh (Ubuntu)
> Importance: High => Low
>
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/835901
Title:
ssh-copy-id: fails to sanitize arguments
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/835901/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
