Jakub jelen (Red Hat yekuchengetedza mainjiniya) yakaratidza kuti iyo SCP protocol inorondedzerwa seisingachashandi kuti gare gare ramba uchibviswa. Sezvo SCP iri padhuze padyo neRCP uye inogara nhaka yezvinetso zvekuvaka Zvakakosha izvo zvinopa mukana wekukanganisa.
Kunyanya, muSCP uye RCP, sevha inogamuchira sarudzo yekuti ndeapi mafaera uye madhairekitori ekutumira kumutengi, uye mutengi anoteedzera rairo dzeseva uye anongotarisa kururamisa kwemazita echinhu akadzorerwa.
Nokubatanidza kune sevha inodzorwa neanorwisa, sevha inogona kuendesa mamwe mafaera, izvo zvave zvichitungamira mukuratidzwa kwekushomeka.
Semuenzaniso, kusvika nguva pfupi yadarika, mutengi aingotarisa dhairekitori razvino, asi haana kufunga kuti sevha inogona kuburitsa faira rine zita rakasiyana nekunyora mafaira asina kukumbirwa (semuenzaniso, panzvimbo ye "test.txt" chakumbirwa, sevha inogona kutumira faira inonzi ». bashrc« uye ichazonyorwa nemutengi).
Mune chinyorwa, chakaburitswa naJakub Jelen, unogona kuverenga zvinotevera:
Mhoro vashandisi veFedora! Mumakore achangopfuura, kwave paine nyaya dzinoverengeka muSCP protocol, zvichititungamira kukurukurirano kana tichigona kuzvibvisa muzvikamu zvekutanga.
Mazhinji manzwi aiti anoshandisa SCP kunyanya emhando dzead-hoc dziri nyore uye nekuti sftp utility haina kupa interface yakapusa kuteedzera rimwe kana mafaera maviri kumashure nekudzoka uye nekuti vanhu vanongoshandiswa kunyora scp pachinzvimbo cheSftp.
Rimwe dambudziko neiyo SCP protocol ndeyekupokana kugadzirisa chinhu.
Sezvo zvataurwa izvozvo kana uchiteedzera mafaera kune ekunze server iyo faira nzira inoiswa kusvika kumagumo eiyo scp yekuraira yemunharaunda, semuenzaniso, kana iwe uchimhanya kuraira «scp / sourcefile remoteserver: 'bata / tmp / shandisa.sh` / targetfile'» pane server, rairo »bata / tmp / shandisa.sh» uye iyo faira / tmp yaive yakagadzirwa /exploit.sh, saka zvakakosha kushandisa chaiyo vatambi ekupunyuka mu scp.
Kana scp ichishandiswa kudzokorora zvakapetwa zvemukati (iyo "-r" sarudzo) mumafaira masystem anotambira iyo '' 'hunhu mumazita emafaira, anorwisa anogona kugadzira faira ine maapostrophes oita iyo kodhi yekumhanya.
MuOpenSSH dambudziko iri rinoramba risina kugadziriswa, sezvo zvichinetsa kuzvigadzirisa pasina kutyora kuenderana kumashure, semuenzaniso kumhanya mirairo kuti utarise kana dhairekitori riripo usati warikopa.
Nhaurirano dzapfuura dzakaratidza kuti scp inowanzo shandiswa kuteedzera mafaera kubva kune imwe system kuenda kune imwe.
Zvisinei, vanhu vazhinji vanoshandisa scp pachinzvimbo che sftp nekuda kwekureruka interface uye zviri pachena kuteedzera mafaera, kana kungo tsika. Jakub inoratidza kushandisa iyo yekumisikidza kuitiswa kweiyo scp utility, yakashandurwa kuti ishandise iyo SFTP protocol (yezvimwe zviitiko zvakakosha, iko iko iko kunopa iyo "-M scp" sarudzo yekudzosera kune iyo SCP protocol), kana kuwedzera mamiriro ekuenderana kune iyo sftp utility iyo inokutendera iwe kushandisa sftp mukati seyakajeka kutsiva scp.
Mimwe mwedzi yapfuura, ini ndakanyora chigamba che scp kushandisa SFTP mukati (pamwe nemukana wekuchichinja uchishandisa -M scp) ndokuchimhanya zvinobudirira mune kumwe kuyedza.
Mhinduro yekukwira kwese kwese yaive yakanakawo, saka ndinoda kunzwa kubva kuvashandisi vedu zvakare. Ichine zvimwe zvayisingakwanise (rutsigiro rwakashaikwa, harushande kana sevha ikasamhanya sftp subsystem,…), asi inofanirwa kukwana zvakakwana kune akajairika mashandisiro kesi.
Pakati pekukanganisa yenzira yakatsanangurwa, zvisingaiti zvekuchinjana dhata nemaseva asingatangi sftp subsystem yataurwa, uye kusavapo kwenzira yekuchinjisa pakati pevaviri vekunze mauto ane transit kuburikidza neyemunharaunda inomiririra ("-3" modhi). Vamwe vashandisi vanocherechedzawo kuti SFTP iri kumashure zvishoma kweSCP maererano nebandwidth, inova inonyanya kuoneka pane yakashata kubatana neakakwira latency.
Zvekuyedza, imwe nzira inovhura pasuru yakatove yakaiswa munzvimbo yekukopa, ichichimisa pamwe nekuitwa kweiyo scp utility pamusoro peiyo SFTP protocol.
mabviro: https://lists.fedoraproject.org/