On 2008-04-01 at 18:43 +0100, Dagfinn Ilmari Mannsåker wrote: > Serves him right for not quoting untrusted data properly.
So you never recursively scp data? scp per SSHv1 and OpenSSH SSHv2 protocol (but not ssh.com SSHv2, where it's retargeted to use the SFTP protocol backend) uses rcp as the file transfer protocol, just run over an SSH session instead of a raw network connection. rcp, the line-oriented protocol. ISTR that OpenSSH ended up introducing some kind of escaping in more recent versions, as an internal matter. Quoting what's passed to scp by a script won't help you at all. Besides which, quoting isn't sufficient. Not if the filename starts with a '-' sign. -Phil