summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
27129d5)
Place control socket to $HOME/.ssh to disallow other users to access
the socket (or defence in depth).
exec the final ssh.
# User username
SSH_REMOTE_HOST=notmuch
# User username
SSH_REMOTE_HOST=notmuch
- SSH_CONTROL_PATH="-o ControlPath=/tmp/notmuch-remote.${USER}.%r@%h:%p"
+
+ # Note: for security reasons the control socket is placed in $HOME/.ssh
+ SSH_CONTROL_PATH="-o ControlPath=$HOME/.ssh/notmuch-remote.%r@%h:%p"
# Start a background master connection if one isn't running yet
ssh ${SSH_CONTROL_PATH} -O check ${SSH_REMOTE_HOST} 2>/dev/null ||
# Start a background master connection if one isn't running yet
ssh ${SSH_CONTROL_PATH} -O check ${SSH_REMOTE_HOST} 2>/dev/null ||
# This requires the bash version of printf (bashism)
printf -v ARGS "%q " "$@"
# This requires the bash version of printf (bashism)
printf -v ARGS "%q " "$@"
- ssh ${SSH_CONTROL_PATH} ${SSH_REMOTE_HOST} notmuch ${ARGS}
+ exec ssh ${SSH_CONTROL_PATH} ${SSH_REMOTE_HOST} notmuch ${ARGS}