
List:       openssh-unix-dev
Subject:    Re: scp -t - revisited.....
From:       Peter Stuge <stuge-openssh-unix-dev () cdy ! org>
Date:       2007-12-07 19:41:01
Message-ID: 20071207194102.5222.qmail () cdy ! org

Hi again Larry,

On Fri, Dec 07, 2007 at 10:58:12AM -0600, Larry Becke wrote:
> If this were to be put to use in some kind of publicly accessible
> location, I wouldn't even consider this a fix for our problem.  I
> do not believe in security through obscurity.

Oh I don't think this qualifies. It's not like you're hiding
anything.


> Now, where this comes into play is when we are dealing with sister
> companies, trusted trading partners, etc...   There's already a
> certain level of trust involved, and we're looking for something to
> prevent accidental file relocation.

Then I would be satisfied with this method.


> I understand that carefully tweaked data flow sent to the scp
> server side could cause data to be written to a location other than
> what's specified by the key.  I have no questions that that could
> happen.

Cool.


> Now the one thing that I would ask, is this, could a crafted scp
> connection (even when forced to run scp -t ) cause a file to be
> pulled down to the client?

I don't think so, no.


//Peter
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev