Expand description
Safe argument quoting for remote shell commands.
Every path or user-supplied string that is about to be interpolated into a
POSIX shell command must go through quote to defeat argument splitting,
globbing, and command injection. A filename containing ' or ; or $( is
otherwise a direct RCE against the remote host.
Functions§
- quote
- Wrap
sin single quotes, escaping any embedded single quotes using the portable POSIX idiom'\''. Always returns a quoted string, even for the empty string — callers should never concatenate unquoted. - validate_
pid - Validate that
sis a plain decimal integer in1..=u32::MAX, suitable for use as a PID. Returns the original string if valid. - validate_
signal - Validate a POSIX kill signal. Accepts a numeric signal in
1..=64or one of the common signal names. Returns the canonical form to interpolate directly.