Bug#289401: /usr/bin/scp: scp documentation: The -- flag is not documented
Package: ssh
Version: 1:3.8.1p1-8.sarge.4
Severity: minor
File: /usr/bin/scp
The -- flag actually works as one might expect, but it is
not documented either in the man page or in the 'Usage'
output of scp.
This is mildly important, because if anyone were to write a
shell script that executed
scp * some:target
and if they had a file named '-P' or '-o' it might be possible
to cause some sort of security breach.
However,
scp -- * some:target
cleanly removes the possibility of trouble from filenames beginning
with hyphens.
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.8-1-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages ssh depends on:
ii adduser 3.59 Add and remove users and groups
ii debconf 1.4.30.11 Debian configuration management sy
ii dpkg 1.10.25 Package maintenance system for Deb
ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an
ii libpam-modules 0.76-22 Pluggable Authentication Modules f
ii libpam-runtime 0.76-22 Runtime support for the PAM librar
ii libpam0g 0.76-22 Pluggable Authentication Modules l
ii libssl0.9.7 0.9.7e-2 SSL shared libraries
ii libwrap0 7.6.dbs-6 Wietse Venema's TCP wrappers libra
ii zlib1g 1:1.2.2-3 compression library - runtime
-- debconf information:
ssh/insecure_rshd:
ssh/privsep_ask: true
* ssh/user_environment_tell:
* ssh/forward_warning:
ssh/insecure_telnetd:
ssh/new_config: true
* ssh/use_old_init_script: true
* ssh/SUID_client: true
ssh/disable_cr_auth: false
* ssh/privsep_tell:
ssh/ssh2_keys_merged:
* ssh/protocol2_only: true
ssh/encrypted_host_key_but_no_keygen:
* ssh/run_sshd: true
Reply to: