diff options
author | djm@openbsd.org <djm@openbsd.org> | 2019-01-26 22:41:28 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-01-27 09:42:39 +1100 |
commit | 391ffc4b9d31fa1f4ad566499fef9176ff8a07dc (patch) | |
tree | 58ebbdac03a5cfe199f0edc3eedb36af756cd6d9 /scp.1 | |
parent | c2c18a39683db382a15b438632afab3f551d50ce (diff) |
upstream: check in scp client that filenames sent during
remote->local directory copies satisfy the wildcard specified by the user.
This checking provides some protection against a malicious server
sending unexpected filenames, but it comes at a risk of rejecting wanted
files due to differences between client and server wildcard expansion rules.
For this reason, this also adds a new -T flag to disable the check.
reported by Harry Sintonen
fix approach suggested by markus@;
has been in snaps for ~1wk courtesy deraadt@
OpenBSD-Commit-ID: 00f44b50d2be8e321973f3c6d014260f8f7a8eda
Diffstat (limited to 'scp.1')
-rw-r--r-- | scp.1 | 16 |
1 files changed, 13 insertions, 3 deletions
@@ -8,9 +8,9 @@ | |||
8 | .\" | 8 | .\" |
9 | .\" Created: Sun May 7 00:14:37 1995 ylo | 9 | .\" Created: Sun May 7 00:14:37 1995 ylo |
10 | .\" | 10 | .\" |
11 | .\" $OpenBSD: scp.1,v 1.84 2019/01/22 06:58:31 jmc Exp $ | 11 | .\" $OpenBSD: scp.1,v 1.85 2019/01/26 22:41:28 djm Exp $ |
12 | .\" | 12 | .\" |
13 | .Dd $Mdocdate: January 22 2019 $ | 13 | .Dd $Mdocdate: January 26 2019 $ |
14 | .Dt SCP 1 | 14 | .Dt SCP 1 |
15 | .Os | 15 | .Os |
16 | .Sh NAME | 16 | .Sh NAME |
@@ -18,7 +18,7 @@ | |||
18 | .Nd secure copy (remote file copy program) | 18 | .Nd secure copy (remote file copy program) |
19 | .Sh SYNOPSIS | 19 | .Sh SYNOPSIS |
20 | .Nm scp | 20 | .Nm scp |
21 | .Op Fl 346BCpqrv | 21 | .Op Fl 346BCpqrTv |
22 | .Op Fl c Ar cipher | 22 | .Op Fl c Ar cipher |
23 | .Op Fl F Ar ssh_config | 23 | .Op Fl F Ar ssh_config |
24 | .Op Fl i Ar identity_file | 24 | .Op Fl i Ar identity_file |
@@ -222,6 +222,16 @@ to use for the encrypted connection. | |||
222 | The program must understand | 222 | The program must understand |
223 | .Xr ssh 1 | 223 | .Xr ssh 1 |
224 | options. | 224 | options. |
225 | .It Fl T | ||
226 | Disable strict filename checking. | ||
227 | By default when copying files from a remote host to a local directory | ||
228 | .Nm | ||
229 | checks that the received filenames match those requested on the command-line | ||
230 | to prevent the remote end from sending unexpected or unwanted files. | ||
231 | Because of differences in how various operating systems and shells interpret | ||
232 | filename wildcards, these checks may cause wanted files to be rejected. | ||
233 | This option disables these checks at the expense of fully trusting that | ||
234 | the server will not send unexpected filenames. | ||
225 | .It Fl v | 235 | .It Fl v |
226 | Verbose mode. | 236 | Verbose mode. |
227 | Causes | 237 | Causes |