strip setuid/setgid bits on backup (was Re: small security-related rsync extension)
Martin Pool
mbp at samba.org
Thu Jul 11 19:11:02 EST 2002
On 8 Jul 2002, Dave Dykstra <dwd at bell-labs.com> wrote:
> The idea of the rsync client executing programs has been descussed before
> and rejected because it could easily be done by an external program if
> rsync simply passes it filenames. The only case I can see for having rsync
> execute programs is in the daemon; that was once approved in principle but
> nobody every implemented it.
>
> What we need, have long wanted, and even once had someone volunteer for
> (but it was never completed), is a major upgrade to the --log-format option
> to allow a lot more flexibility in what gets printed, and to have it work
> consistently with and without --dry-run. This would work too with lots of
> files because the names get streamed out as they're processed. See for
> example the thread around
> http://lists.samba.org/pipermail/rsync/1999-January/000954.html
I'm pretty sure I'm with Dave on this.
I think it would be reasonable when over ssh to have a way to run a
script on the remote machine, and have that script also get a copy of
the log.
--
Martin
More information about the rsync
mailing list