recursive operations in sftp

Damien Miller djm at
Tue Dec 7 14:29:03 EST 2004

Andrew Mortensen wrote:
> Is there anyone actively working on adding recursive operations to 
> sftp? 

I'm not actively working on it, but I would really like to have it :)

> If there are people working quietly on recursive op patches, I'd like 
> to hear from you. I've been putting some things together for a patch, 
> and it would be best if we can avoid duplication of effort. I'd also 
> like to hear from the maintainers regarding what they would deem 
> acceptable as a patch that adds recursive operations. In past 
> discussions, fts has been recommended. I've written put -r code using 
> fts. It's straightforward, as suggested by Ben Lidstrom in the comments 
> for bug 520, but as far as I know, no work has been done on making fts 
> capable of dealing with remote operations.

Please send this to the list, or attach it to bugzilla. I don't think
that we need to wait to have both get -r and put -r implemented before
adding support for one of them.

> Are recursive operations based on a modified form of fts the only sort 
> of patch acceptable? I've got a patch for recursive rm, too, but it 
> uses recursion to accomplish its task.

Yeah, I'm quite wary of recursion to accomplish this - an attacker could
mount a DoS against you by building a deep hierarchy. rm is also
problematic because of race conditions in the protocol - it lacks a
"moral equivalent" of O_NOFOLLOW.

A modified fts() seems to be a fairly easy way to do this iteratively,
but I'm certainly happy to hear other approaches.


More information about the openssh-unix-dev mailing list