scp -t - revisited.....
stuge-openssh-unix-dev at cdy.org
Fri Dec 7 12:02:50 EST 2007
On Thu, Dec 06, 2007 at 05:26:14PM -0600, Larry Becke wrote:
> This leads me to believe that using the scp -t
> /some/path/to/a/directory command= in the authorized_keys file
> causes scp to forget/ignore everything after the remote hostname.

There is one more step between the remote scp (run with -t) and the
"remote filename" as specified in the local shell: The local scp.

> This gives us almost exactly what we were looking for

I think that depends on the local scp program.

What happens if you (within the scp protocol, not in the shell)
specify e.g. a new directory ../../../../../../../tmp/breakout ?

I would assume that /tmp/breakout is created.

If your local scp program is trusted then you're all set. But if that
was the case why bother with locking down the server?

> Like I said, I'm sitting here laughing right now, mostly because it
> was a lot of wasted effort on all sides to argue (or discuss with
> pointed statements) over something that already existed, even if it
> wasn't known or documented.

I still believe there was a good reason for that argument.

> (Wonders if this will be considered a bug to be fixed or quashed as
> it wasn't an intended *feature* of scp).... I hope not...

It's just a side effect of the rcp/scp design.