Filter files received on scp server

Philipp Marek philipp at marek.priv.at
Fri Aug 4 19:53:13 AEST 2017


>> I am hoping to filter on that file name so I can reject certain files
>> (ideally, configurable file patterns).  Suppose I wish for all files named
>> "kitten.txt" to be rejected, I would simply compare the incoming file name
>> to that and, if a match, end the transfer and session.
> 
> Look at the okname() function in scp.c.
> 
> You'd have to think about how to implement this so you can:
> 
> 1) Not expose yourself to unnecessarily risky code and functionality.
> 2) Provide for a (scalable) way to configure the list of "blacklisted"
> filenames so that it doesn't require undue -HUP (or worse, recompilation) of
> the SSH services.
> 3) Resist the temptation to use risky libraries to expand the flexibility of
> your "blacklisting" specifications, i.e., PCRE & friends.

Well, I'd suggest to just pass that decision making to an external 
process.

I.e. at the place doing an fopen() do a popen() instead (or fork()/exec() 
if not using stdio there), passing the filename in as an argument.

The called executable can then read data from STDIN, and can at any time 
(parsing the filename, the first few magic bytes, or the whole content) 
do an exit(1), signifying that the data was inappropriate.


Precedent case is the "AuthorizedKeysCommand".
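Added example (not OpenSSH's code and not part of the original post): a C sketch of the hand-off described above, where the receiving side fork()/exec()s an external filter with the filename as its last argument, streams the content to its stdin, and treats a non-zero exit as "reject". The function names filter_file and demo_filter and the sh policy script are assumptions made for this example; the point worth noting is that the filter may exit before reading everything, so the writer has to survive a closed pipe.

```c
#include <errno.h>
#include <signal.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>
/* Hand a received file to an external filter instead of fopen()ing it.
 * filter_argv is NULL-terminated; the filename is appended as its last
 * argument and the content is streamed to the filter's stdin. Returns 0
 * if the filter accepted (exit 0), 1 if it rejected, -1 on system error. */
int filter_file(char *const filter_argv[], const char *filename,
                const char *data, size_t len)
{
    int fds[2], status, sys_err = 0;
    if (pipe(fds) == -1) return -1;
    pid_t pid = fork();
    if (pid == -1) return -1;
    if (pid == 0) {                       /* child: stdin <- read end */
        char *argv[16]; int n = 0;
        while (filter_argv[n] && n < 14) { argv[n] = filter_argv[n]; n++; }
        argv[n++] = (char *)filename; argv[n] = NULL;
        dup2(fds[0], STDIN_FILENO);
        close(fds[0]); close(fds[1]);
        execv(argv[0], argv);
        _exit(127);                       /* exec failure counts as reject */
    }
    close(fds[0]);
    /* The filter may exit early (after seeing the name or magic bytes), so
     * a closed pipe must not kill us: ignore SIGPIPE, stop on EPIPE. */
    signal(SIGPIPE, SIG_IGN);
    for (size_t off = 0; off < len; ) {
        ssize_t w = write(fds[1], data + off, len - off);
        if (w < 0 && errno == EINTR) continue;
        if (w < 0) { sys_err = (errno != EPIPE); break; }
        off += (size_t)w;
    }
    close(fds[1]);
    if (waitpid(pid, &status, 0) == -1 || sys_err) return -1;
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 0 : 1;
}
/* Constructed demo policy (an assumption for this example, not OpenSSH's):
 * reject the name kitten.txt, or content whose first line starts with "#!". */
static const char DEMO_POLICY[] =
    "case \"$1\" in kitten.txt) exit 1;; esac; "
    "read -r first; case \"$first\" in '#!'*) exit 1;; esac; cat >/dev/null";
int demo_filter(const char *filename, const char *data, size_t len)
{
    char *const argv[] = { "/bin/sh", "-c", (char *)DEMO_POLICY, "policy", NULL };
    return filter_file(argv, filename, data, len);
}
```

Any sh script or compiled program can stand in for the policy; the receiver only looks at the exit status, which keeps the pattern-matching code out of the privileged server, as the thread's point 3) asks.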

