[Bug 943] sftp will not send from a named pipe
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Wed Jun 27 13:49:19 EST 2007
http://bugzilla.mindrot.org/show_bug.cgi?id=943
Mark Fuller <azfuller at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|WONTFIX |
--- Comment #9 from Mark Fuller <azfuller at gmail.com> 2007-06-27 13:49:17 ---
As the original bug report stated, the problem is with sftp (and scp).
We are not able to give shell access. Again, the issue is *security*.
We use a named pipe so that data isn't written to disk. It stands to
reason that we wouldn't grant shell access to such a system just as a
workaround to what was an overly broad "fix" when someone asking for
sftp/scp not to block.
The solution should be to allow/disallow FIFOs via a command-line parm.
Forcing everyone to never use them is not a solution. Forcing us to
grant shell access (a greater security risk) is not a solution.
I think you need to face it. The fix for #856 was too sweeping. I don't
mind patching SSH. But, that's not a long term solution. That's what
I'm asking for.
Thank you for your time.
Mark
--
Configure bugmail: http://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list