Created SC2029 (markdown)

2025-10-03 19:29:44 +08:00 · 2014-11-07 11:26:37 -08:00
parent a92bfa6e87
commit 9065326b62
1 changed files with 27 additions and 0 deletions
--- a/SC2029.md
+++ b/SC2029.md
@@ -0,0 +1,27 @@
+## Note that, unescaped, this expands on the client side.
+
+### Problematic code:
+
+    ssh host "echo $HOSTNAME"
+
+### Correct code:
+
+    ssh host "echo \$HOSTNAME"
+
+or
+
+    ssh host 'echo $HOSTNAME'
+
+### Rationale:
+
+Bash expands all arguments that are not escaped/singlequoted. This means that the problematic code is identical to
+
+    ssh host "echo clienthostname"
+
+and will print out the client's hostname, not the server's hostname.
+
+By escaping the `$` in `$HOSTNAME`, it will be transmitted literally and evaluated on the server instead.
+
+### Contraindications
+
+If you do want your string expanded on the client side, you can safely ignore this message.