scp remote path specification

Pekka Savola pekkas at netcore.fi
Tue Dec 19 02:02:24 EST 2000


On 18 Dec 2000, Jan IVEN wrote:

> Hello,
>
> in order to use "scp", the scp binary has to be in the compile-time
> default path on the remote host. For some users (like root), we try to
> avoid this since scp may be on a network file system (AFS/NFS), and we
> don't want to hang root's session on network outages.
>
> Would a patch to scp be acceptable in the main tree that allows setting
> the path to remote scp explicitly, either as a new command line or as
> an ENV variable (it looks like a ssh config file parameter won't work,
> since the file is not read by scp itself).
>
> I know that a workaround is to put "PATH=/path/to/bla" into these users'
> .ssh/environment or as a parameter to their key, but I don't want this
> PATH to be taken for interactive use.
>
> Please advise.
>
> Best regards
> Jan Iven
>
> PS: a small patch so that /full/path/to/scp will find the
> corresponding local /full/path/to/ssh is appended below.

If I'm not mistaken, with this you can force the remote server to execute
a trojaned ssh, if you run e.g. '/tmp/scp user@remote:xxx .' and have
managed to create /tmp/ssh on the remote system.

Doesn't look good as this breaks sshd expectations with regard to
PATH and what users can control.

-- 
Pekka Savola                    "Tell me of difficulties surmounted,
Netcore Oy                      not those you stumble over and fall"
Systems. Networks. Security.     -- Robert Jordan: A Crown of Swords






More information about the openssh-unix-dev mailing list