an unwanted chroot() call
Daniel Ortmann
dortmann at lsil.com
Fri Nov 14 02:56:33 EST 2003
Lao Coon <laocoon at fastmail.fm> writes:
> Daniel Ortmann wrote:
>
>> Ok, I figured out the answer, and as a result I have a suggestion:
>> The rsyncd.conf documentation for "use chroot" should specify that:
>>
>> "use chroot = yes" is the default.
>>
>>
> Oh, but it does. Quote from man rsyncd.conf
> use chroot
> If "use chroot" is true, the rsync server will chroot to the
> "path" before starting the file transfer with the client. This
> has the advantage of extra protection against possible implemen-
> tation security holes, but it has the disadvantages of requiring
> super-user privileges, of not being able to follow symbolic
> links outside of the new root path when reading, and of implying
> the --numeric-ids option because /etc/passwd becomes inaccessi-
> ble. When "use chroot" is false, for security reasons symlinks
> may only be relative paths pointing to other files within the
> root path, and leading slashes are removed from absolute paths.
> The default for "use chroot" is true.
Sorry. Somehow I missed it. :-/
Maybe chroot, both yes and no, could be use in the examples?
--
Daniel Ortmann, LSI Logic, 3425 40th Av NW, Suite 200, Rochester MN 55901
work: Daniel.Ortmann at lsil.com / 507.535.3861 / 63861 int / 8012.3861 gdds
home: ortmann at venturecs.net / 507.288.7732, 2414 30Av NW #D, Rochester MN 55901
More information about the rsync
mailing list