scp not tolerant of extraneous shell messages

[Markus Friedl]

On Tue, Jul 02, 2002 at 11:06:54AM -0700, Dan Kaminsky wrote:
> Name an FTPD that does.  Just one.

yes, that's the point. ftpds run with the environment
of root or a less trused user, but usually not under
the uid of the authenticated user.

however, sftp-server runs under the environment of
the authenticated user, so it's much more resticted.

as i said before, don't give away powerful shells
if you don't want to give away powerful shells.

-m