On 05.07.23 02:50, Damien Miller wrote:
Some possibilities:
1. the receive.ksh script is faulty in some way that causes it to invoke
sftp-server
How would the script even *know* that the client requested the SFTP subsystem? Is a subsystem's executable/path, supposedly internally overwritten with the forced command at that point, exposed through $SSH_ORIGINAL_COMMAND ?
(As a quick preliminary check, I'd suggest doing a "ps auwwwx --forest" on the server while WinSCP has a "hacked" session open. If the sftp-server process turns out to be a child of the script, bingo. If not, the script could still be the culprit, but then we'd know that it must "exec" the sftp-server or somesuch, rather than calling it "normally" as a subprocess.)
Kind regards, -- Jochen Bern Systemingenieur Binect GmbH
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
