On Thu, Aug 13, 2009 at 11:08 AM, Simon Tatham<anakin at pobox.com> wrote:
>> From <http://tools.ietf.org/html/rfc4254#section-6.5>:
>>> It is RECOMMENDED that the reply to these messages be requested and
>>> checked. The client SHOULD ignore these messages.
>
> Jim Wigginton <terrafrost at gmail.com> wrote:
>> Recommending SSH_MSG_CHANNEL_REQUEST responses be checked and then
>> saying, later, that they should be ignored, seems a little
>> contradictory. If you ignore them, you're not checking them, and if
>> you check them, you're not ignoring them.
>
> I think you've misparsed. In both those sentences, "these messages"
> denote the SSH_MSG_CHANNEL_REQUESTs themselves, not the responses.
Rereading it, I think you're right.
> The second sentence says that if the _server_ should ever send the
> _client_ an SSH_MSG_CHANNEL_REQUEST that asks to start a shell or
> command or subsystem, the client should ignore it! (Probably most
> relevant to people who are writing both a client and server
> implementation which share code, in which one might accidentally
> leave in the code that responds to requests and end up with the
> client able to respond to all sorts of inappropriate requests if a
> malicious server should take it into its head to send them.)
Seems kinda redundant given this:
6.1. Opening a Session
A session is started by sending the following message.
byte SSH_MSG_CHANNEL_OPEN
string "session"
uint32 sender channel
uint32 initial window size
uint32 maximum packet size
Client implementations SHOULD reject any session channel open
requests to make it more difficult for a corrupt server to attack the
client.
Of course, redundancy isn't necessarily a bad thing.
Anyway, thanks!
Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.