On 2007-10-11 18:01, Larry Becke wrote:>> Can this be done? >Theoretically.=
See my previous message.I must have missed it.
> Is it so terribly hard to add the feature?>It's not easy. See my previous=

message, and do a little research on path>canonicalization and past direct=
ory traversal vulnerabilities in, e.g.>IIS and Apache, to understand this b=

To throw an error and exit if "../" is in the remote path parameter?
To add a "./" between hostname: and /path/to/dir in the remote path paramet=

Just asking, as I know how to do this in the languages that I use.
Unfortunately, I'm not a c/c++ developer myself, otherwise I would have jus=
t made a patch for it and submitted it for review. This is tempting me to=
break down and start learning c/c++.
>> Will it hurt anything to add the feature?>If it isn't done 100% correctl=

y, yes. See my previous message.If it only effects users who use the -T par=
ameter, instead of the -t parameter, neither of which are documented?
>> I'd be happy to discuss offline the reasoning behind my request.>> It's =

valid, and if you'd bother to keep an open mind, you might actually underst=
and \>> where I'm coming from.>I think we're way ahead of where you're comi=
ng from, which is why I>asked, "Have you tried WebDAV over SSL?"

Really, and I can use that as simply in a shell script as =

scp filename -i xfer_key user@remhost:

Or do I have to use some convoluted strings and other commands as well as c=
onfigure additional keys, keystores, ssl etc?
This would be on systems with no web servers, no application servers.

I'll look into it, however, the servers essentially have ssh/scp/sftp (and =
the requisite openssl, etc) for services, nothing else.


__________________________________________________ _______________
Help yourself to FREE treats served up daily at the Messenger Caf=E9. Stop =
by today.
openssh-unix-dev mailing list