Re: scp -rp behavior(SOLVED)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

<big snip>

> Why "slash": /.thunderbird in case of your example? Because if you
> do not specify absolute path beginning with / the ssh daemon
> prepends your relative path with its `pwd` it runs in, and its
> `pwd` is "/")

Not so.  Consider:

$ ssh pi-1 pwd
/home/jmr

If you examine what is happening, the daemon creates an unprivileged
process for the user, and that process performs the operation.  Were
it to be otherwise you would have a gaping hole in security.

$ ssh pi-1 ps -f
UID        PID  PPID  C STIME TTY          TIME CMD
jmr       3054  3050  0 04:22 ?        00:00:00 sshd: jmr@notty
jmr       3055  3054  0 04:22 ?        00:00:00 ps -f
$ ssh pi-1 ps -ef | grep ssh
root      2432     1  0 Feb28 ?        00:00:00 /usr/sbin/sshd
root      3056  2432  0 04:23 ?        00:00:00 sshd: jmr [priv]
jmr       3060  3056  0 04:23 ?        00:00:00 sshd: jmr@notty

The first command shows the unprivileged process shelling out the ps
command as expected.  Note that the parent daemon is running as
jmr@notty.  The second command shows master daemon, the privileged
child to handle the connection and the unprivileged jmr@notty.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQIcBAEBAgAGBQJU80j0AAoJEAF3yXsqtyBlr0EQAJNyKbeBSu0F22dqe+cIiTfl
yydfgvCsqmg2xiAz4oQgiqHoYqjcj4XihnIclCmsrw+My4WAy5Yer59NVl/tVYPh
n0YOAm2oobHTYL4rse/eeFUUga19JD1JAwCrs/k3GQwDXaoBf9PXcRAQBo4q44Mx
peA7T9Fmb7eosz3xVS74hOeYFTPdOOMSr17ygGuyM9Q0vHgg3EyDUUPjotsp7eRe
vr9eQI64DgPL1Q01BdZYqseHbLNxkCjL1tuDRy8Qzrj2i4S4JEPB8h8VJWVssoQw
J6IqWz3hHi+9ecl5AX/jTdlgxUK7rhogMmQ7YanqA4MGCSZQkOmk7jz59ocD0S6q
sswJVUOHbV1DVKCFR/G2SOfYecp9iIti5az58v4nPMzK/X8coB1ZeB9cZlKpGh94
2UU34UmynvgCSsw3THqS3QgTE4VtPAVtyLJWFjK+E+ilsJ6b84emEWoSZ/b7RhTg
kADyr/xlmX6xXOUBQsME9ExfTVsKJv+wj02tFaxhEkup3bS2twAbRPprSy66TZXD
5OD8Nyz3lxSl1Z2qy7KzYhf3gY5gcYDXgtRPcNiM2sWOZTmoo+ZKJQVeVMyZ+inf
0Vls5joJrRi93XfVuWMijnT/A4aCAhbUBlPye7sX6uy96ButBsk/rAaolzNh1PdH
Htsbqx50fPZbzNfyZ2BB
=LGml
-----END PGP SIGNATURE-----
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux