On Wed, 30 Nov 2022, Theo de Raadt wrote:

> >> It allows a much tighter pledge in the client, so less attack surface
> >> against a bad server.
> >
> >So it's to prevent a malicious SSH server from exploiting a client who
> >chooses to use ~C to open up the ssh> prompt and create or destroy
> >tunnels?
> 
> No.
> 
> 
> It makes ssh safer for people who don't use the fancy features,
> because the ssh client cannot perform a vast number of system calls
> if it gets fooled.

Anyway it's all committed now, including additional pledge(2) restrictions
as well as documentation for the new option which ended up being called
EnableEscapeCommandline to avoid some ambiguity.

You can switch it on everywhere you need to command-line.

-d
