Finally tighten up the server-side wildcard security hole, the

Finally tighten up the server-side wildcard security hole, the
_right_ way. (SSWs are disabled by default and can be re-enabled
using `-unsafe', meaning that pscp will _never_ do anything
unexpected to your local file system unless you explicitly give
consent. The sftp-based variant will work fine because the
corresponding mechanism is _not_ unsafe.)

[originally from svn r1212]