scp -t . - possible idea for additional parameter

Larry Becke guyverdh at hotmail.com
Thu Oct 11 04:29:18 EST 2007


> Date: Wed, 10 Oct 2007 10:57:56 -0700> From: william at 25thandClement.com> To: guyverdh at hotmail.com> CC: openssh-unix-dev at mindrot.org> Subject: Re: scp -t . - possible idea for additional parameter> > On Wed, Oct 10, 2007 at 11:30:14AM -0500, Larry Becke wrote:> > chroot'ing should not be used as a security method, that's been clearly> > stated time and again.> > oh boy. it's statement like these that i've spent half this past week> rebutting people on LWN and LKML.> 
I'll stand by my comment as I intended it. chroot - by and of itself is not security function.
 
To blindly, and off the cuff, throw "if you want it secure, chroot it" statements out there leads to more problems than it solves.
 
staticly linking (and all the issues caused when library mis-match problems that can arise) vs dynamically linking and having to replicate the libraries for the chroot'd environment, and everything else that's involved with getting a process/application properly and securely chroot'd is not for the beginner.
 
For an application to be properly chroot'd it either needs to be designed with chroot in mind by more experienced developers, or needs to be clearly and effectively documented so that the not so experienced can do it.
 
The change that I am suggesting bypasses the inherit issues with chroot through simple means.
The fact that scp is designed to just *copy* files either direction is itself a blessing.
Simple file and directory management that anyone can do can make the remote directories secure by not using sym-links, mount point boundaries, etc...
 
 
_________________________________________________________________
Climb to the top of the charts!  Play Star Shuffle:  the word scramble challenge with star power.
http://club.live.com/star_shuffle.aspx?icid=starshuffle_wlmailtextlink_oct


More information about the openssh-unix-dev mailing list