specifying a list of files to transfer
wayned at users.sourceforge.net
Wed Jan 15 18:11:01 EST 2003
On Tue, Jan 14, 2003 at 10:01:47PM -0600, Lee Eakin wrote:
> Yes, people do restrict args via ssh key restrictions.
OK, I thank you both for enlightening me on the subject. My current
patch applies the sanitize_path() function to all names read via the
--files-from option, regardless of whether we're pushing or pulling.
This means that all leading slashes are dropped from file names as
well as all leading "../" prefixes, and that any infix "dir/../"
combos are removed. This ensures that we can't get above the root
dir that was specified on the command-line.
> so any sanitize code could first make sure all pathnames begin with a valid
> module and then make sure the file or dir is really inside that module.
This isn't needed since the module name is specified on the command-line
and then all paths are relative to the directory that was specified in
that module. For instance:
rsync --files-from=foo remote::module/bar
forces all pathnames read to be relative to the bar dir of the module.
If no "/bar" path was specified, the paths would all be relative to the
root-dir of the module.
More information about the rsync