strip setuid/setgid bits on backup (was Re: small security-related rsync extension)

Paul Haas paulh at
Fri Jul 19 13:59:01 EST 2002

On Fri, 19 Jul 2002, Dan Stromberg wrote:

> Many apologies.  If we update on the nfs server, as we've intended all
> along, we should have no .nfs* files.

Boy am I confused.  I thought the .nfs* files were created on the NFS
server.  They're created when a process on an NFS client has an executable
file open and that file gets unlinked.  I believe they are created
regardless of where the process is that unlinks the file.

It doesn't really matter if I truly understand .nfs files, since it almost
never makes sense to back up .nfs files. .nfs files are a kludge for
maintaining the state of open files on top of the mostly stateless nfs
protocol.  The state of open files is only significant to the processes
that have the files open.  The nfs clients are referring to those files by
inode number, not name, so the copy that rsync makes will be worthless to
them anyway.

The option you want is:
   --exclude .nfs\*

I typed "almost never". The case where you actually want to back up .nfs
files is when a script kiddie has hidden their evil tools on your disk by
giving them .nfs* names and you want to save the evidence.  In that
situation, the user of rsync is painfully aware of SUID bits.  They will
almost certainly remember to rsync to a directory that is mode 0700 or
something more effective, such as pulling the external network connection.

Paul Haas
paulh at
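The backup policy discussed in this thread (skip .nfs* names, strip setuid/setgid bits, keep the destination mode 0700), as an added example that is not part of the original post or of rsync's own documentation. The sample tree, file names and the find/cp fallback are constructed for illustration; the rsync options used are `--exclude` and `--chmod`.

```sh
#!/bin/sh
# Added example, not from the original post or rsync itself: back up a tree
# while excluding NFS silly-rename leftovers (.nfs*), stripping setuid and
# setgid bits, and keeping the destination mode 0700. rsync is used when
# present; otherwise a find/cp fallback applies the same policy.
# All paths and file names below are constructed sample data.

# Build a constructed source tree: a plain file, a setuid script, and a
# .nfs* silly-rename leftover that should not end up in the backup.
make_sample_src() {
    src=$1
    mkdir -p "$src/bin"
    printf 'data\n' > "$src/notes.txt"
    printf '#!/bin/sh\necho hi\n' > "$src/bin/tool"
    chmod 4755 "$src/bin/tool"               # setuid bit on the source copy
    printf 'junk\n' > "$src/.nfs0000000000a1b2c3"
}

# Copy src into dst: skip .nfs* names, drop u+s/g+s, make dst private.
backup_tree() {
    src=$1; dst=$2
    mkdir -p "$dst"
    if command -v rsync >/dev/null 2>&1; then
        rsync -a --exclude '.nfs*' --chmod=u-s,g-s "$src/" "$dst/"
    else
        # Fallback without rsync: recreate directories, copy files, then
        # clear setuid/setgid on everything that was copied.
        (cd "$src" && find . -name '.nfs*' -prune -o -type d -print) |
            while IFS= read -r d; do mkdir -p "$dst/$d"; done
        (cd "$src" && find . -name '.nfs*' -prune -o -type f -print) |
            while IFS= read -r f; do cp -p "$src/$f" "$dst/$f"; done
        find "$dst" -type f -exec chmod u-s,g-s {} +
    fi
    chmod 0700 "$dst"                        # rsync -a copied src's dir mode
}

# Return 0 when dst has no .nfs* names, no setuid/setgid files and is 0700.
check_backup() {
    dst=$1
    [ -z "$(find "$dst" -name '.nfs*' -print)" ] || return 1
    [ -z "$(find "$dst" -type f \( -perm -4000 -o -perm -2000 \) -print)" ] || return 1
    [ "$(ls -ld "$dst" | cut -c1-10)" = "drwx------" ] || return 1
}
```

Run `make_sample_src /tmp/src; backup_tree /tmp/src /tmp/dst; check_backup /tmp/dst && echo ok` to see the policy hold on the constructed tree.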
