<div dir="ltr"><div><div>Greetings,<br></div><br>I have found several security issues
in an rsync set-up that results from an inexperienced sysadmin following
precisely what is meant to only be an example, in the "Using Rsync and
SSH" tutorial (<a href="http://troy.jdmz.net/rsync/" target="_blank">http://troy.jdmz.net/rsync/</a>), as linked from the <a href="http://rsync.samba.org/documentation.html" target="_blank">http://rsync.samba.org/documentation.html</a> page. <br>
<br>Consider incorporating the following suggestions to improve security:<br><br></div><div>1- the validate-rsync script should reject not only the &lt; but also the &gt; character, otherwise any file can be overwritten.<br>
<br></div><div>2- the validate-rsync command itself should be neither owned
nor writeable by the userid that executes the rsync command.
Otherwise, rsync can be used to overwrite the validation script with
another script that doesn't validate, or even execute arbitrary
commands.<br>
<br>3- similarly, the authorized-keys file should not be owned or
writeable by the rsync user, otherwise rsync can be used to overwrite
that file, with one that removes the requirement to run validate-rsync,
or with one that runs some other command instead.<br>
<br></div>Regards,<br><br>Yanek Martinson</div>
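<div>Added example, not part of the original message or of the tutorial's script: a shell sketch of the three suggestions above, covering a default-deny command check plus an ownership and write-permission audit for the validation script and the authorized-keys file. The function names, sample commands and paths are constructed, and the metacharacter list beyond &lt; and &gt; is an assumption.</div>

```shell
#!/bin/sh
# Added example; function names and sample commands are constructed.

# Point 1: decide whether a requested command (the value sshd passes in
# SSH_ORIGINAL_COMMAND) may run. Returns 0 to accept, 1 to reject.
validate_cmd() {
    case "$1" in
        *\<*|*\>*|*\&*|*\;*|*\|*|*\`*|*\$*|*\(*|*\)*) return 1 ;;  # shell metacharacters
        "rsync --server "*) return 0 ;;   # only rsync's server mode
        *) return 1 ;;                     # default deny
    esac
}

# Points 2 and 3: returns 0 if user $1 controls path $2, meaning the user
# owns it or it is group/world-writable; 1 if not; 2 if the path is missing.
controlled_by() {
    [ -e "$2" ] || return 2
    [ -n "$(find "$2" -prune \( -user "$1" -o -perm -0020 -o -perm -0002 \) -print)" ]
}

# A file is only protected if its directory is too: whoever can write the
# directory can replace the file. Returns 0 when neither is controlled.
protected_from() {
    rc=0; controlled_by "$1" "$2" || rc=$?
    [ "$rc" -eq 1 ] || return 1
    rc=0; controlled_by "$1" "$(dirname "$2")" || rc=$?
    [ "$rc" -eq 1 ]
}

# Constructed sample requests.
for c in 'rsync --server --sender -vlogDtprz . /srv/backup/' \
         'rsync --server -vlogDtprz . /srv/in > /tmp/constructed-target' \
         'cat /etc/passwd'; do
    if validate_cmd "$c"; then echo "accept: $c"; else echo "reject: $c"; fi
done
```

<div>The audit treats any group-writable file as controlled without checking the user's group membership, so it can over-report but will not miss a file the user can write through a group.</div>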