Bug 431

Summary:

scp could prevent write access to server

Product:

Portable OpenSSH

Reporter:

gfernandez

Component:

scp

Assignee:

OpenSSH Bugzilla mailing list <openssh-bugs>

Status:

CLOSED INVALID

Severity:

normal

Priority:

Version:

-current

Hardware:

All

OS:

All

Attachments:

Description	Flags
adds readonly flag to scp	none

Description gfernandez 2002-11-08 00:35:34 AEDT

This provides a compile time mode where scp would refuse write operations.  As 
a result, scp would treat the server as readonly.

Comment 1 gfernandez 2002-11-08 00:36:38 AEDT

Created attachment 174 [details]
adds readonly flag to scp

this change applies to scp.c

Comment 2 rumen 2002-11-08 21:19:16 AEDT

What about command: 
$ ssh user@host '( cat > FILE_NAME_ON_REMOTE_HOST )' < FILE_NAME_ON_LOCAL_HOST 
 
this is same as: 
$ scp FILE_NAME_ON_LOCAL_HOST user@host:FILE_NAME_ON_REMOTE_HOST

Comment 3 gfernandez 2002-11-09 00:05:47 AEDT

like most security issues, this change would not be sufficient by itself. In my 
setup I've made other changes that make cat unavailable (i.e. by using chroot
()).

Comment 4 Damien Miller 2004-04-14 12:24:18 AEST

Mass change of RESOLVED bugs to CLOSED