[PATCH] add sftp-server option to force temp files

Nathan Wagner nw at hydaspes.if.org
Mon Feb 21 09:07:00 AEDT 2022


On Sun, Feb 20, 2022 at 01:30:57PM -0500, Nico Kadel-Garcia wrote:
> On Sun, Feb 20, 2022 at 11:08 AM Nathan Wagner <nw at hydaspes.if.org> wrote:
> >
> > The following patch will add a -T option to sftp-server.c that forces
> > use of a temp file for uploads to the server.  It takes an argument that
> > has 'XXXXXX' added to the end and used as a template string for
> > mkstemp(3).
> 
> Wouldn't rsync over SSH be better for this sort of feature
> aggregation?

I don't have any control over the client software.  The scanner runs
whatever the manufacturer installs.

> The potential chroot caged setups for sftp may have their
> uses, but the more complex you make this sort of behavior, the more
> vulnerable you become to alarming failures such as leaving behind
> temporary file debris as the artifact of a failed transfer,

I'd rather leave behind a temp file than a partial file with the
intended name.  The bad temp file is a lot easier to identify and
remove.

-- 
nw
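
The trade-off argued in this message, as an added C sketch that is not taken from the patch or from sftp-server.c: data goes into a mkstemp(3) file whose name is a prefix plus 'XXXXXX', and the intended name only appears once the transfer is complete. It assumes the temp file is renamed onto the requested name on completion; `upload_via_temp`, `demo`, the `.upload-` prefix and `scan.pdf` are hypothetical names constructed for the illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Hypothetical helper (not from sftp-server.c). Writes into a mkstemp(3) file
 * named prefix + "XXXXXX" and rename(2)s it to final_path only after all data
 * is written. fail_after >= 0 simulates a transfer that drops after that many
 * bytes. Returns 0 = complete, 1 = dropped, -1 = error. */
int upload_via_temp(const char *prefix, const char *final_path,
                    const char *buf, size_t len, long fail_after,
                    char *tmp, size_t tmp_len)
{
    int n = snprintf(tmp, tmp_len, "%sXXXXXX", prefix);
    if (n < 0 || (size_t)n >= tmp_len) return -1;
    int fd = mkstemp(tmp);          /* created exclusively, mode 0600 */
    if (fd < 0) return -1;
    size_t want = (fail_after >= 0 && (size_t)fail_after < len)
                      ? (size_t)fail_after : len;
    for (size_t off = 0; off < want; ) {
        ssize_t w = write(fd, buf + off, want - off);
        if (w < 0 && errno == EINTR) continue;
        if (w < 0) { close(fd); return -1; }
        off += (size_t)w;
    }
    /* Dropped transfer: the debris keeps its temp name, final_path is untouched. */
    if (want < len) { close(fd); return 1; }
    if (fsync(fd) != 0) { close(fd); return -1; }
    if (close(fd) != 0 || rename(tmp, final_path) != 0) return -1;
    return 0;
}

/* Constructed scenario: one dropped and one complete upload of "scan.pdf".
 * Returns 0 when the directory state matches the argument in the message. */
int demo(void)
{
    char dir[] = "/tmp/sftp-demo-XXXXXX", prefix[64], final[64], t1[80], t2[80];
    if (mkdtemp(dir) == NULL) return -1;
    snprintf(prefix, sizeof prefix, "%s/.upload-", dir);
    snprintf(final, sizeof final, "%s/scan.pdf", dir);
    int dropped = upload_via_temp(prefix, final, "0123456789", 10, 4, t1, sizeof t1);
    int partial_visible = access(final, F_OK) == 0;  /* no partial scan.pdf */
    int debris_present = access(t1, F_OK) == 0;      /* temp file left behind */
    int ok = upload_via_temp(prefix, final, "0123456789", 10, -1, t2, sizeof t2);
    int final_present = access(final, F_OK) == 0 && access(t2, F_OK) != 0;
    unlink(t1); unlink(final); rmdir(dir);
    return (dropped == 1 && !partial_visible && debris_present &&
            ok == 0 && final_present) ? 0 : 1;
}
```

Because leftovers from dropped transfers all match the same prefix, a periodic cleanup job can find them by name without ever touching a completed file.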

