specifying a list of files to transfer
Leakin at dfw.Nostrum.com
Wed Jan 15 20:49:00 EST 2003
---begin quoted text---
> From: Wayne Davison <wayned at users.sourceforge.net>
> Subject: Re: specifying a list of files to transfer
> Date: Wed, 15 Jan 2003 10:10:29 -0800
> On Tue, Jan 14, 2003 at 10:01:47PM -0600, Lee Eakin wrote:
> > Yes, people do restrict args via ssh key restrictions.
> OK, I thank you both for enlightening me on the subject. My current
> patch applies the sanitize_path() function to all names read via the
> --files-from option, regardless of whether we're pushing or pulling.
> This means that all leading slashes are dropped from file names as
> well as all leading "../" prefixes, and that any infix "dir/../"
> combos are removed. This ensures that we can't get above the root
> dir that was specified on the command-line.
That's awsome. Now as long as I want to allow access to the given portion
of the file tree I can allow files-from.
Now if I can only figure out a way to intercept the list when I need to
be real picky about which individual files are accessed ...
> > so any sanitize code could first make sure all pathnames begin with a valid
> > module and then make sure the file or dir is really inside that module.
> This isn't needed since the module name is specified on the command-line
> and then all paths are relative to the directory that was specified in
> that module. For instance:
> rsync --files-from=foo remote::module/bar
> forces all pathnames read to be relative to the bar dir of the module.
> If no "/bar" path was specified, the paths would all be relative to the
> root-dir of the module.
That's cool too, so no additional/special code to handle server-mode ;)
I like this a lot, now to test ...
---end quoted text---
Lee Eakin - leakin at dfw.nostrum.com
Benchley's Law of Distinction:
There are two kinds of people in the world, those who believe
there are two kinds of people in the world and those who don't.
More information about the rsync