scp -t . - possible idea for additional parameter

Larry Becke guyverdh at
Fri Oct 12 05:43:31 EST 2007

On 2007-10-11 18:01, Larry Becke wrote:>> Can this be done? >Theoretically. See my previous message.I must have missed it.
> Is it so terribly hard to add the feature?>It's not easy. See my previous message, and do a little research on path>canonicalization and past directory traversal vulnerabilities in, e.g.>IIS and Apache, to understand this better.
To throw an error and exit if "../" is in the remote path parameter?
To add a "./" between hostname: and /path/to/dir in the remote path parameter?
Just asking, as I know how to do this in the languages that I use.
Unfortunately, I'm not a c/c++ developer myself, otherwise I would have just made a patch for it and submitted it for review.   This is tempting me to break down and start learning c/c++.
>> Will it hurt anything to add the feature?>If it isn't done 100% correctly, yes. See my previous message.If it only effects users who use the -T parameter, instead of the -t parameter, neither of which are documented?
>> I'd be happy to discuss offline the reasoning behind my request.>> It's valid, and if you'd bother to keep an open mind, you might actually understand \>> where I'm coming from.>I think we're way ahead of where you're coming from, which is why I>asked, "Have you tried WebDAV over SSL?"
Really, and I can use that as simply in a shell script as 
scp filename -i xfer_key user at remhost:
Or do I have to use some convoluted strings and other commands as well as configure additional keys, keystores, ssl etc?
This would be on systems with no web servers, no application servers.
I'll look into it, however, the servers essentially have ssh/scp/sftp (and the requisite openssl, etc) for services, nothing else.
Help yourself to FREE treats served up daily at the Messenger Café. Stop by today.

More information about the openssh-unix-dev mailing list