[scponly] scponly 4.8 available

[wbr oblyr]

This is an announcement for the release of scponly 4.8, which is available here:

http://sourceforge.net/projects/scponly/

The most important change in scponly 4.8 is the argument validation code needed to support the 
various transport protocols safely. All the various arguments for svn, rsync, sftp-server, et 
cetera present multiple vectors for surreptitiously injecting commands and scponly's hardest 
challenge is in policing these command line arguments to allow functionality without giving up 
execution to the remote user.  

The most important fix in 4.8 is the exclusion of the -o and -F flags to scp, which would 
allow a remote user to specify alternate configuration directives, which in turn could be used 
to escalate to execution privs.  For example, specifying a ProxyCommand directive could be 
leveraged to run an uploaded program.  It is important to note that vulnerabilities of this 
nature are only possible after authentication.  Also note scp is not longer enabled by default 
in scponly.

However, it is strongly recommended that people read the SECURITY document contained inside 
the scponly source tarball for further details.  It is also strongly recommended that security 
conscious administrators pay particular attention to the supported transport mechanisms they 
choose to enable or disable via the configure script when installing scponly. 

Credit for the code in scponly in due to Kaleb Pederson with a big thanks to Florian Weimer 
for providing the heads up and a patch.

Any issues with scponly-4.8 can be directed to this mailing list and/or me directly.
joe