strip setuid/setgid bits on backup (was Re: small security-related rsync extension)

tim.conway at tim.conway at
Fri Jul 19 12:36:02 EST 2002

I think this is more a philosophical issue.  Some people want all 
applications to be like windows.  "Are you sure you want to delete this 
file" <YES>  "really"<yes>"it might make something stop 
working<yes>"permission denied".  Unix assumes you know what you're doing. 
 If you don't, tough. 

There's no reason you can't make a "secure" rsync.  You can use it, give 
it away, sell it, rename it - whatever you want, within the limits of the 
GPL.  You can fork the project.  Heck, maybe you can even bleed all the 
resources from this one into yours.  I'd consider that a pretty good 
indication that your way is better.  Then, everybody who needed to 
syncronize files preserving SUID attributes would have to keep a list of 
them all on the source, and add them back on on the destination in 
postprocessing, or else they could hack the source to preserve suid. Maybe 
they could petition your project to add a "--preserve-suid" option 
(instead of the more sensible "--strip-suid" option to add to this 

Tim Conway
tim.conway at
303.682.4917 office, 3039210301 cell
Philips Semiconductor - Longmont TC
1880 Industrial Circle, Suite D
Longmont, CO 80501
Available via SameTime Connect within Philips, n9hmg on AIM
perl -e 'print pack(nnnnnnnnnnnn, 
".\n" '
"There are some who call me.... Tim?"

More information about the rsync mailing list