psftp and pscp should disable all forwarding (ports, X, agent).

[u/mdw/putty] / psftp.c

diff --git a/psftp.c b/psftp.c
index ebfb8ef..137320b 100644 (file)
--- a/psftp.c
+++ b/psftp.c
@@ -276,6 +276,15 @@ int sftp_cmd_cd(struct sftp_command *cmd)
 }
 
 /*
+ * Print current directory. Easy as pie.
+ */
+int sftp_cmd_pwd(struct sftp_command *cmd)
+{
+    printf("Remote directory is %s\n", pwd);
+    return 0;
+}
+
+/*
  * Get a file and save it at the local end. We have two very
  * similar commands here: `get' and `reget', which differ in that
  * `reget' checks for the existence of the destination file and
@@ -919,6 +928,12 @@ static struct sftp_cmd_lookup {
            sftp_cmd_put
     },
     {
+       "pwd", "print your remote working directory",
+           "\n"
+           "  Print the current remote working directory for your SFTP session.\n",
+           sftp_cmd_pwd
+    },
+    {
        "quit", "bye", NULL,
            sftp_cmd_quit
     },
@@ -1695,6 +1710,15 @@ int main(int argc, char *argv[])
     /* SFTP uses SSH2 by default always */
     cfg.sshprot = 2;
 
+    /*
+     * Disable scary things which shouldn't be enabled for simple
+     * things like SCP and SFTP: agent forwarding, port forwarding,
+     * X forwarding.
+     */
+    cfg.x11_forward = 0;
+    cfg.agentfwd = 0;
+    cfg.portfwd[0] = cfg.portfwd[1] = '\0';
+
     /* Set up subsystem name. */
     strcpy(cfg.remote_cmd, "sftp");
     cfg.ssh_subsys = TRUE;