[Bug 943] sftp will not send from a named pipe

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed Oct 20 06:14:54 EST 2004


http://bugzilla.mindrot.org/show_bug.cgi?id=943

           Summary: sftp will not send from a named pipe
           Product: Portable OpenSSH
           Version: 3.9p1
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: sftp
        AssignedTo: openssh-bugs at mindrot.org
        ReportedBy: mark.fuller at earthlink.net


An older version of sftp (version 1, dated 2002) will "put" from a named pipe. 
Later versions (version 3) fail with the message 

  Can't upload /home/b2bsockt/data/.pipes/6806-1: not a regular file

I believe this is a bug (an unnecessary restriction). Considering the secure 
nature of ssh/sftp, I believe it is valid to put from named pipes which are 
being written to by a child process which may be encrypting sensitive data. A 
pipe is no more secure than a regular file. But, 1) at least not all the data 
is visible at once, and 2) data catted off the pipe will be missing in the sftp 
target file. This will result in checksum errors and at least an error 
indicating (if it occurs a few times) that intrusion has occured.

Our relies upon using named pipes as files. I hope this functionality can be 
reinstated. (Or, another way to accomplish the same goal?)

Thanks,
Mark



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list