scp not tolerant of extraneous shell messages

Dan Kaminsky dan at doxpara.com
Wed Jul 3 03:33:22 EST 2002


>After saying that.  I still agree that the user's shell needs to be run.
>=) Because it's the correct way for UNIX to handle things.
OK, so I modify my .profile to execute arbitrary commands.  Look mah, 
every time I access a file on a machine, it's "implied" that I have the 
right to execute stuff on it too.

You *do* realize this is the kind of logic that's cursed us with macro 
virii, right?

*Sigh* SFTP executes from lower security (command execution) to higher 
security (file exchange).  It's actually less secure than FTP.

The fix involves detecting an SFTP client in the connection headers, 
launching an SSHD that refuses to do anything *but* run sftp-server, and 
removing all exec style functionality from it.  That gives us a clean 
file transfer environment w/ SSH-class comm security.

--Dan
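
The following is an added example, not part of the original message and not OpenSSH project code. It audits an `sshd_config` for the lock-down the message proposes, using the `Match`, `ForceCommand internal-sftp`, `AllowTcpForwarding`, `X11Forwarding` and `PermitTTY` directives that later OpenSSH releases provide. The group name `sftponly`, both sample configs and the simplified parsing are assumptions.

```python
# Added example: checks that a Match block for transfer-only accounts
# pins the session to SFTP and switches off exec-style features.
# Simplified parser (assumption): no Include, no "key=value", no trailing comments.

REQUIRED = {
    "forcecommand": "internal-sftp",  # in-process SFTP: no shell, no .profile
    "allowtcpforwarding": "no",
    "x11forwarding": "no",
    "permittty": "no",
}

# Constructed samples; the group name "sftponly" is hypothetical.
WEAK = """
Subsystem sftp /usr/libexec/sftp-server
Match Group sftponly
    X11Forwarding no
"""
HARDENED = """
Subsystem sftp internal-sftp
Match Group sftponly
    ForceCommand internal-sftp
    AllowTcpForwarding no
    X11Forwarding no
    PermitTTY no
"""

def parse_match_blocks(text):
    """Map each Match line's criteria to its {keyword: value} settings."""
    blocks, current = {}, None
    for raw in text.splitlines():
        parts = raw.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        key, value = parts[0].lower(), parts[1].strip() if len(parts) > 1 else ""
        if key == "match":
            current = blocks.setdefault(value, {})
        elif current is not None:
            current.setdefault(key, value)  # first value obtained wins
    return blocks

def audit(text, criteria):
    """Return findings for one Match block; an empty list means it passes."""
    block = parse_match_blocks(text).get(criteria)
    if block is None:
        return [f"no Match block for {criteria!r}"]
    findings = []
    for key, want in REQUIRED.items():
        got = block.get(key, "")
        if (got.split()[0].lower() if got else "") != want:
            findings.append(f"{key}: expected {want!r}, found {got or 'unset'!r}")
    return findings
```

In the weak sample the `sftp` subsystem is an external binary and nothing forces the command, so the account can still request an ordinary shell or exec session and its startup files still run.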





More information about the openssh-unix-dev mailing list