One of the issues with ssh is that spawning processes isn't part of the protocol. And it's a remote protocol, so it can't pass local resources to the child. So you can't pass a null-separated array of arguments, pass extra file descriptors or specify an executable.
Instead it just passes a string to a server-configured shell. So you need to shell-escape things and know which shell is running on the server side.
To use SSH as a proper sudo replacement it'd need something closer to posix_spawn as an extension.
To use SSH as a proper sudo replacement it'd need something closer to posix_spawn as an extension.