strip setuid/setgid bits on backup (was Re: small security-related rsync extension)

Dan Stromberg strombrg at
Tue Jul 9 10:59:42 EST 2002

On Tue, Jul 09, 2002 at 09:37:28AM -0600, Robert Weber wrote:
> > 
> > > never seen a file created with a newline in the filename
> > > (except, perhaps as a test).  The newline in filename issue
> > 
> > And in security exploits :-)  Given a newline-based format, one *must*
> > quote or deny newlines in filenames, not assume they're rare.  (No
> > obvious reason not to use URL-style %-quoting, or mime-style
> > =-quoting, if you want to preserve ease of filtering...)
> > 
> ----------
> This brings up an issue that I believe can be solved in a simpler way than
> with brute force C code.  I suspect some of you will cringe when you hear
> this, but a taintperl log parsing program would be best for this.  rsync
> could generate a verbose log file that is not human readable, designed to
> be read by a perl postprocessing script.  I think this would allow greater
> flexibility, and modularize the functionality to avoid some possible
> security problems.  This way log parsing would not be done at the
> authentication level of rsync(root) but at some lower level with read
> access to the log file.  Does this sound like a reasonable solution?

Perl should be avoided.  Perl is proof that sysadmins don't grok
language design.

Dan Stromberg                                               UCI/NACS/DCS
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url :

More information about the rsync mailing list