Bug#922205: openssh-client: scp regression: CVE-2019-6111 fix breaks syntax to overwrite target directory permissions
Package: openssh-client
Version: 1:7.4p1-10+deb9u5
Severity: normal
Dear Maintainer,
The recent openssh upstream fix to "check in scp client that filenames sent during
remote->local directory copies satisfy the wildcard specified by the user" (*) had an unfortunate
side effect of breaking a legitimate use case of scp: deliberately copying the source directory
permissions over the target directory. This is achieved by using syntax: "dir/.".
Example:
$ mkdir dstdir
$ scp -pr user@server:srcdir/. dstdir
error: unexpected filename: .
Even when I attempt to disable strict checking by specifying -T, the issue persists:
$ scp -pr -T user@server:srcdir/. dstdir
error: unexpected filename: .
Instead of failing I would have expected scp to allow copying over srcdir (including the
permissions) over to dstdir, when using this explicit syntax.
*) https://github.com/openssh/openssh-portable/commit/391ffc4b9d31fa1f4ad566499fef9176ff8a07dc
-- System Information:
Debian Release: 9.7
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.9.0-8-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages openssh-client depends on:
ii adduser 3.115
ii dpkg 1.18.25
ii libc6 2.24-11+deb9u3
ii libedit2 3.1-20160903-3
ii libgssapi-krb5-2 1.15-1+deb9u1
ii libselinux1 2.6-3+b3
ii libssl1.0.2 1.0.2q-1~deb9u1
ii passwd 1:4.4-4.1
ii zlib1g 1:1.2.8.dfsg-5
Versions of packages openssh-client recommends:
ii xauth 1:1.0.9-1+b2
Versions of packages openssh-client suggests:
pn keychain <none>
pn libpam-ssh <none>
pn monkeysphere <none>
pn ssh-askpass <none>
-- no debconf information
Reply to: