an unwanted chroot() call

Daniel Ortmann dortmann at lsil.com
Fri Nov 14 02:56:33 EST 2003


Lao Coon <laocoon at fastmail.fm> writes:

> Daniel Ortmann wrote:
> 
>> Ok, I figured out the answer, and as a result I have a suggestion:
   
>> The rsyncd.conf documentation for "use chroot" should specify that:
>> 
>>     "use chroot = yes" is the default.
>> 
>>   

> Oh, but it does. Quote from man rsyncd.conf

>        use chroot
>               If  "use  chroot"  is  true, the rsync server will chroot to the
>               "path" before starting the file transfer with the client. This
>               has the advantage of extra protection against possible implemen-
>               tation security holes, but it has the disadvantages of requiring
>               super-user  privileges,  of  not  being  able to follow symbolic
>               links outside of the new root path when reading, and of implying
>               the  --numeric-ids option because /etc/passwd becomes inaccessi-
>               ble.  When "use chroot" is false, for security reasons symlinks
>               may  only  be  relative paths pointing to other files within the
>               root path, and leading slashes are removed from absolute paths.
>               The default for "use chroot" is true.

Sorry.  Somehow I missed it.  :-/

Maybe chroot, both yes and no, could be use in the examples?

-- 
Daniel Ortmann, LSI Logic, 3425 40th Av NW, Suite 200, Rochester MN 55901
work: Daniel.Ortmann at lsil.com / 507.535.3861 / 63861 int / 8012.3861 gdds
home: ortmann at venturecs.net / 507.288.7732, 2414 30Av NW #D, Rochester MN 55901



More information about the rsync mailing list