strip setuid/setgid bits on backup (was Re: small security-related rsync extension)

Adrian Ho aho-sw-rsync at 03s.net
Mon Jul 8 02:38:02 EST 2002


On Mon, Jul 08, 2002 at 05:56:57PM +1000, Martin Pool wrote:
> Any thoughts on whether this should go in?  I can see arguments either
> way.  It seems like we ought to think about whether it would be better
> to do it as part of a generalized --chmod or --chmod-backup facility.

I'm inclined to push for more flexibility with:

  --post-process=<exec_pathname>
    Runs <exec_pathname> on the receiver just before rsync exits.
    <exec_pathname> is passed a list of fully-qualified pathnames on
    stdin (one per line) that have been created, modified or deleted by
    this rsync instance.

Dan's patch would therefore be reduced to the single script:

#!/bin/bash
xargs chmod u-s

This would also allow rsync users to post-process modified files in
whatever way they wish.

- Adrian




More information about the rsync mailing list