On Thu, Apr 12, 2007 at 01:13:16AM +0300, [EMAIL PROTECTED] wrote:
> On Wed, Apr 11, 2007 at 04:41:41PM -0500, Matthew R. Dempsky wrote:
> > On Wed, Apr 11, 2007 at 10:02:50PM +0100, Stuart Henderson wrote:
> > > On 2007/04/11 13:41, Bryan Irvine wrote:
> > > > scp [EMAIL PROTECTED]:"a\ b" .
> > >
> > > you have to escape to *both* your local shell, and the remote shell
> >
> > This has always seemed silly to me. Does anyone intentionally use
> >
> > $ scp host:"a b" .
> >
> > instead of
> >
> > $ scp host:"{a,b}" .
>
> Does anyone intentionally use
>
> scp '[EMAIL PROTECTED]:`rm -fr /`' /dev/null ?
Security hole in scp. Send someone an e-mail attachment named
`rm -fr /`. If he uses multiple machines, it's possible he'll want to
copy it and writes a similar command to the above according to the
scp man page. Then he wonders why his files disappeared.
CL<
