scp not tolerant of extraneous shell messages

Ben Lindstrom mouring at etoh.eviladmin.org
Wed Jul 3 01:58:29 EST 2002


On Tue, 2 Jul 2002 Nicolas.Williams at ubsw.com wrote:

> On Tue, 2 Jul 2002, Ben Lindstrom wrote:
> > On Tue, 2 Jul 2002, Markus Friedl wrote:
> > > more people think the shell should always be involved.
> > >
> > > otherwise you can still sftp if the shell is set
> > > to /bin/false for example.
> >
> > Only way around it would be trusting /etc/shells
>
> You still need to execute the shell because of environmental
> issues, some of which can't be handled through mechanisms
> provided by OpenSSH (e.g., umask). The umask could be made
> settable through auth_keys options or other ~/.ssh mechanisms,
> but even so, that would mean that users would have to setup
> such things in multiple locations and, in any case, it really
> would be surprising if shell initialization were not done at
> all (it's certainly a very useful thing).
>

umask can and is ignored by some sftp clients.  Mainly ones that are
windows based.  Mainly SSH Corp derived last I checked (a year ago).

So you are trusting that the software on the other side honors umask which
is a false thing to do since some sftp clients propogate their beliefs
(real or fictional) of what the permissions should be.

- Ben




More information about the openssh-unix-dev mailing list