bugzilla-daemon at bugzilla.mindrot.org
2012-May-07 23:12 UTC
[Bug 2005] New: scp should not overwrite files (without confirmation)
https://bugzilla.mindrot.org/show_bug.cgi?id=2005
Bug #: 2005
Summary: scp should not overwrite files (without confirmation)
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.9p1
Platform: All
OS/Version: All
Status: NEW
Severity: major
Priority: P2
Component: scp
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: calestyo at scientia.net
Hi.
Not sure whether this has already been discussed previously (because it
seems so basic to me), but at least I haven't found it.
Right now, scp overwrites files (both when copied locally or remotely).
scp, being a conceptual relative to cp, should provide something like
cp's "-i".
Cheers,
Chris.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2012-May-08 04:28 UTC
[Bug 2005] scp should not overwrite files (without confirmation)
https://bugzilla.mindrot.org/show_bug.cgi?id=2005
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |dtucker at zip.com.au
--- Comment #1 from Darren Tucker <dtucker at zip.com.au> 2012-05-08
14:28:35 EST ---
It's not as simple as it seems.
In the case of a local->remote or remote->remote copy, the scp on your
end doesn't know if the file exists or not, and the scp at the other
end doesn't have any way to tell you if it does (there's no mechanism
in the scp protocol (such as it is) to do it.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2012-May-09 12:16 UTC
[Bug 2005] scp should not overwrite files (without confirmation)
https://bugzilla.mindrot.org/show_bug.cgi?id=2005 --- Comment #2 from Christoph Anton Mitterer <calestyo at scientia.net> 2012-05-09 22:16:35 EST --- I guess protocol can't be easily extended? Would it be possible at least to generally say overwrite/don't-overwrite? -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2012-May-10 13:05 UTC
[Bug 2005] scp should not overwrite files (without confirmation)
https://bugzilla.mindrot.org/show_bug.cgi?id=2005
--- Comment #3 from Darren Tucker <dtucker at zip.com.au> 2012-05-10
23:05:10 EST ---
it's basically not possible to extend the scp protocol (which is really
just the rcp protocol) without breaking existing implementations.
Here's how it works: the local end runs "scp -t" ("to")
or scp -f
("from") on the remote end. The sending end sends a header that looks
like "C0644 20 foo\n" where the "C" is the header type,
followed by
the file modes, size and name. The receiving end makes a file with the
specified name and mode and writes the specified number of bytes into
it. That's it. No negotiation of any kind.
The only way to change the behaviour is sending an extra command line
switch to the other end, and unless all implementations support it
you've now caused an interop problem.
Also: http://openssh.com/faq.html#2.10
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2012-May-15 19:48 UTC
[Bug 2005] scp should not overwrite files (without confirmation)
https://bugzilla.mindrot.org/show_bug.cgi?id=2005 --- Comment #4 from Christoph Anton Mitterer <calestyo at scientia.net> 2012-05-16 05:48:07 EST --- Ok I see,... some comments nevertheless: 1) scp not only has the problem of not negotiating overwriting but also not supporting any extended attributes / ACLs. So I mean in principle, extensions to the "scp-protocol" would be necessary anyway. See bug #2009. 2) Maybe I'm wrong with that, too, but on both side some process would have to write the file, right? And this process is ssh, right? So at least it should be possible to specify on each side (in the config) a default whether to override per default or not, or not? I mean at least without any asking/negotiation or any notification (I guess it's not possible either to just give messages back to stdout)... I would suggest then, that the default is _not_ to overwrite. 3) How many scp implementations are out there, which are currently compatible with OpenSSH? Would it be feasible to sit together with them and standardise scp, e.g. as some RFC? 4) Is it possible for scp, to find out which scp server implementation it talks to? I guess it must be somehow possible, at least my nagios checks are able to get the implementation/version of remote SSHs. So why not determining this first and if OpenSSH was found adding some additional magic/syntax that makes this possible? For other clients/servers (2) should still be done, so that accidental overwriting when using mixed clients/servers could be prevented. Just some ideas, Chris. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2012-May-16 03:55 UTC
[Bug 2005] scp should not overwrite files (without confirmation)
https://bugzilla.mindrot.org/show_bug.cgi?id=2005
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WONTFIX
--- Comment #5 from Darren Tucker <dtucker at zip.com.au> 2012-05-16
13:55:48 EST ---
(In reply to comment #4)> Ok I see,... some comments nevertheless:
>
> 1) scp not only has the problem of not negotiating overwriting but also
> not supporting any extended attributes / ACLs.
> So I mean in principle, extensions to the "scp-protocol" would be
> necessary anyway.
no. as explained, scp inextensible without causing interop problems.
> 2) Maybe I'm wrong with that, too, but on both side some process would
> have to write the file, right? And this process is ssh, right?
no, it's scp. ssh is used only as an 8-bit clean transport.
> So at least it should be possible to specify on each side (in the
> config) a default whether to override per default or not, or not?
scp does not read any config files.
> I mean at least without any asking/negotiation or any notification (I
> guess it's not possible either to just give messages back to stdout)...
>
> I would suggest then, that the default is _not_ to overwrite.
this would almost certainly break existing scripts expecting the
opposite behaviour.
> 3) How many scp implementations are out there, which are currently
> compatible with OpenSSH?
> Would it be feasible to sit together with them and standardise scp,
> e.g. as some RFC?
That's pretty much what happened with sftp, except that for all of the
reasons elaborated above it's not possible to interoperate with scp.
The final result was the 60-page "SSH File Transfer Protocol version
6": http://tools.ietf.org/id/draft-ietf-secsh-filexfer-13.txt. We
stopped implementing at version 3
(http://openssh.com/txt/draft-ietf-secsh-filexfer-02.txt) when the
creeping featuritis kicked in.
It *would* be possible to implement what you're asking for in sftp,
either as a protocol extension (because the protocol is actually
extensible) or purely on the client side (albeit in a racy manner).
> 4) Is it possible for scp, to find out which scp server implementation
> it talks to?
no. The scp command is sent blind.
> I guess it must be somehow possible, at least my nagios
> checks are able to get the implementation/version of remote SSHs.
That's is possible because SSH *is* designed to be extensible, and
there *is* a protocol negotiation. Same is true of sftp.
> So why not determining this first and if OpenSSH was found adding some
> additional magic/syntax that makes this possible?
1) assuming the ssh server implementation is the same as the scp
implementation is likely to fail in some cases and 2) the scp command
never sees the ssh server details (it invokes ssh as a transport and is
not aware of the protocol details).
> For other clients/servers (2) should still be done, so that accidental
> overwriting when using mixed clients/servers could be prevented.
sorry, but no.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
Seemingly Similar Threads
- Deprecation of scp protocol and improving sftp client
- sftp Vs scp
- [Bug 2287] New: AuthorizedKeysCommandUser should have it's default documented
- [Bug 2354] New: please document that PermitRootLogin really checks for uid=0
- [Bug 2310] New: functionality to start process before ssh and/or to "wrap" such command around ssh