This is a discussion on Re: scp -t - revisited..... - openssh ; Hi again Larry, On Fri, Dec 07, 2007 at 10:58:12AM -0600, Larry Becke wrote: > If this were to be put to use in some kind of publicly accessible > location, I wouldn't even consider this a fix for our ...
Hi again Larry,
On Fri, Dec 07, 2007 at 10:58:12AM -0600, Larry Becke wrote:
> If this were to be put to use in some kind of publicly accessible
> location, I wouldn't even consider this a fix for our problem. I
> do not believe in security through obscurity.
Oh I don't think this qualifies. It's not like you're hiding
> Now, where this comes into play is when we are dealing with sister
> companies, trusted trading partners, etc... There's already a
> certain level of trust involved, and we're looking for something to
> prevent accidental file relocation.
Then I would be satisfied with this method.
> I understand that carefully tweaked data flow sent to the scp
> server side could cause data to be written to a location other than
> what's specified by the key. I have no questions that that could
> Now the one thing that I would ask, is this, could a crafted scp
> connection (even when forced to run scp -t ) cause a file to be
> pulled down to the client?
I don't think so, no.
openssh-unix-dev mailing list