specifying a list of files to transfer

Wayne Davison wayned at users.sourceforge.net
Wed Jan 15 03:40:01 EST 2003

On Tue, Jan 14, 2003 at 07:02:58PM -0800, jw schultz wrote:
> Up till now rsync hasn't touched anything outside of the paths
> specified on the command-line.  Changing that would mean access to
> rsync via ssh would no longer be restricted, just disabled.

Are you saying that some people have special ssh scripts that check
and/or tweak the file names on the command-line to ensure they fall with
certain bounds when running rsync commands?  I.e., if someone ran this

    rsync -av -e ssh "source:dir /foo/two /bar/three" /tmp

the remote ssh setup would handle the presence of the extra "/foo/two",
"/bar/three" args?  If so, I hadn't realized that people were limiting
ssh access by more than the traditional user/group/permissions access.

> Sanitizing the paths to force them to be relative on pulls
> but not pushes would be too asymetrical for my liking.

I agree that if we find that we want to sanitize the paths in some cases
that we should just make it the default for files-from -- i.e. make it
where nothing can get beyond the root dir specified on the command-line.

> I'd rather just disallow or sanitize absolute paths.

Note that it's more pervasive than just absolute paths, since someone
can use args like "../../../etc/password" or "good_dir/../../bad_dir"
(all of which the sanitize_path() call handles).


More information about the rsync mailing list