rsync // su

[Carson Gaspar]

--On Thursday, September 04, 2003 8:52 PM -0700 jw schultz <jw at pegasys.ws> 
wrote:

> On Thu, Sep 04, 2003 at 11:36:31PM -0400, Carson Gaspar wrote:
...
>> I don't, however, think that the rsync protocol is the right place to 
fix
>> it(speaking about normal rsync +rsh/ssh/whatever, not the rsync daemon).
>> Fixing the security issues with the daemon is a much more difficult
>> proposition.
...
> Rsync is pretty agnostic about how the connection is
> established.  If ssh doesn't support a security mechanism
> you find sufficient you need merely to create a utility that
> provides that subset of rsh/ssh functionality required by
> rsync.

I wasn't the one complaining - I was offering options. I fully agree (as I 
said...) that rsync isn't the problem. I was just trying to explain why 
allowing direct root logins really _is_ a security concern.

-- 
Carson