bugzilla-daemon at bugzilla.mindrot.org
2007-Jun-22  03:53 UTC
[Bug 943] sftp will not send from a named pipe
http://bugzilla.mindrot.org/show_bug.cgi?id=943
Damien Miller <djm at mindrot.org> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|REOPENED                    |RESOLVED
         Resolution|                            |WONTFIX
                 CC|                            |djm at mindrot.org
--- Comment #6 from Damien Miller <djm at mindrot.org>  2007-06-22 13:53:16 ---
Like I said, WONTFIX. If you want to transfer data to/from named pipes
then you can use ssh with cat/dd/stdio redirection.
-- 
Configure bugmail: http://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2007-Jun-26  15:26 UTC
[Bug 943] sftp will not send from a named pipe
http://bugzilla.mindrot.org/show_bug.cgi?id=943
Mark Fuller <azfuller at gmail.com> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
         Resolution|WONTFIX                     |
--- Comment #7 from Mark Fuller <azfuller at gmail.com>  2007-06-27 01:26:44 ---
I'm sorry to reopen this bug report, but you have not addressed my
concerns. The original bug (you refer to as the cause of disallowing
named pipes) said SSH should not block on named pipes. The solution was
to disallow named pipes. I am contending that this is an incorrect
resolution for two reasons (which I wish you would address):
1) It breaks the unix concept of "everything is a file."
2) SSH's importance is its security. Using named pipes is beneficial
in the most extreme implementations (such as in a DMZ) where writing
the file to disk would be too much of an exposure. In those cases a
forked process decrypts a file and serves it to the "getter" through a
named pipe. (Or, reads a named pipe to encrypt data from the
"putter.")
It's not that I disagree with the original bug report concerning how
SSH blocks on FIFOs. It's that I disagree with how the problem was
solved in such a sweeping manner. It should have been an option to SSH
to skip FIFOs. 
In your last response you said I can use cat/dd/stdio redirection. I
believe this will result in one of two things happening. It will either
cause blocking (true FIFO behavior, which means the sweeping
elimination of FIFOs didn't really fix anything). Or, it will allow
data to be written to disk (because it's not blocked, but then
eliminating the desired behavior described above in item #2).
If I have misunderstood how cat/dd/stdio would work, could you please
give me a working example? I would be happy to evaluate it. If it is
indeed a suitable solution perhaps you could add it to the FAQ? (The
page for reporting bugs says to check the FAQ for things that aren't
bugs at all. If this isn't a bug, then it seems like the FAQ should
address this with an example of how SSH should be used with named pipes
(to accomplish the goals outlined above). But, I'd like to review it
before you publish it because, as I said above, I think it's either
going to cause blocking (thereby calling into question the "fix" for
#856), or allow data to be written to disk (which breaks the goal of
eliminating data being written to disk).
I'm sorry to be a pest. I appreciate all the free work you do. I
wouldn't continue to pursue this matter if I didn't feel it is serious.
Thanks,
Mark
bugzilla-daemon at bugzilla.mindrot.org
2007-Jun-27  03:31 UTC
[Bug 943] sftp will not send from a named pipe
http://bugzilla.mindrot.org/show_bug.cgi?id=943
Damien Miller <djm at mindrot.org> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
            Version|3.9p1                       |-current
             Status|REOPENED                    |RESOLVED
         Resolution|                            |WONTFIX
           Severity|normal                      |enhancement
--- Comment #8 from Damien Miller <djm at mindrot.org>  2007-06-27 13:31:35 ---
Here is an example of using ssh to transfer to/from a FIFO:
    ssh user@host "cat /path/to/yourfifo" > output
    ssh user@host "cat > /path/to/yourfifo" < input
Naturally it is up to you to ensure that something is listening on the
FIFO. If you have further questions, please ask them on a general ssh
mailing list or newsgroup. A bug tracking system is not the place to
field support questions.
Otherwise, you can use the patch that is attached to this bug to modify
your sftp to do what you want.
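The FIFO behaviour that the commands in comment #8 rely on, as an added example that is not part of the original thread: it shows a read completing when a producer is attached and blocking when nothing is on the other end. Assumptions: `remote_cmd` is a hypothetical local stand-in for `ssh user@host "..."`, the FIFO lives in a temporary directory, and `timeout` from coreutils is available.

```shell
#!/bin/sh
# Added example: local demonstration of reading a FIFO through `cat`.
# remote_cmd is a hypothetical stand-in for: ssh user@host "<command>"
# (it runs the command locally so the example works offline).
remote_cmd() { sh -c "$1"; }

# Case 1: a producer is attached to the FIFO.
# The writer blocks in open() until the reader opens the other end,
# then the reader receives the data followed by EOF.
fifo_read_with_writer() {
    dir=$(mktemp -d) || return 1
    mkfifo -m 600 "$dir/yourfifo" || return 1   # owner-only FIFO
    printf 'constructed sample payload\n' > "$dir/yourfifo" &
    out=$(remote_cmd "cat '$dir/yourfifo'")
    wait                                        # reap the producer
    rm -rf "$dir"
    printf '%s' "$out"
}

# Case 2: nothing is writing to the FIFO.
# cat blocks in open() indefinitely; timeout bounds the wait and
# exits non-zero (GNU timeout reports 124) when it has to kill cat.
fifo_read_without_writer() {
    dir=$(mktemp -d) || return 1
    mkfifo -m 600 "$dir/yourfifo" || return 1
    timeout 2 cat "$dir/yourfifo" > /dev/null
    rc=$?
    rm -rf "$dir"
    return "$rc"
}
```
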
bugzilla-daemon at bugzilla.mindrot.org
2007-Jun-27  03:49 UTC
[Bug 943] sftp will not send from a named pipe
http://bugzilla.mindrot.org/show_bug.cgi?id=943
Mark Fuller <azfuller at gmail.com> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
         Resolution|WONTFIX                     |
--- Comment #9 from Mark Fuller <azfuller at gmail.com>  2007-06-27 13:49:17 ---
As the original bug report stated, the problem is with sftp (and scp).
We are not able to give shell access. Again, the issue is *security*.
We use a named pipe so that data isn't written to disk. It stands to
reason that we wouldn't grant shell access to such a system just as a
workaround to what was an overly broad "fix" when someone was asking for
sftp/scp not to block.
The solution should be to allow/disallow FIFOs via a command-line parm.
Forcing everyone to never use them is not a solution. Forcing us to
grant shell access (a greater security risk) is not a solution.
I think you need to face it. The fix for #856 was too sweeping. I don't
mind patching SSH. But, that's not a long term solution. That's what
I'm asking for.
Thank you for your time.
Mark
bugzilla-daemon at bugzilla.mindrot.org
2007-Jun-27  03:58 UTC
[Bug 943] sftp will not send from a named pipe
http://bugzilla.mindrot.org/show_bug.cgi?id=943
Damien Miller <djm at mindrot.org> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|djm at mindrot.org             |