an unwanted chroot() call

Lao Coon laocoon at fastmail.fm
Fri Nov 14 01:15:45 EST 2003


Daniel Ortmann wrote:

>Ok, I figured out the answer, and as a result I have a suggestion:
>
>The rsyncd.conf documentation for "use chroot" should specify that:
>
>    "use chroot = yes" is the default.
>
>  
>
Oh, but it does. Quote from man rsyncd.conf

       use chroot
              If  "use  chroot"  is  true, the rsync server will chroot 
to the
              "path" before starting the file transfer with the 
client.   This
              has the advantage of extra protection against possible 
implemen-
              tation security holes, but it has the disadvantages of 
requiring
              super-user  privileges,  of  not  being  able to follow 
symbolic
              links outside of the new root path when reading, and of 
implying
              the  --numeric-ids option because /etc/passwd becomes 
inaccessi-
              ble.  When "use chroot" is false, for security reasons  
symlinks
              may  only  be  relative paths pointing to other files 
within the
              root path, and leading slashes are removed from absolute  
paths.
              The default for "use chroot" is true.




More information about the rsync mailing list