rsync // su
Carson Gaspar
carson at taltos.org
Fri Sep 5 14:13:08 EST 2003
--On Thursday, September 04, 2003 8:52 PM -0700 jw schultz <jw at pegasys.ws>
wrote:
> On Thu, Sep 04, 2003 at 11:36:31PM -0400, Carson Gaspar wrote:
...
>> I don't, however, think that the rsync protocol is the right place to
fix
>> it(speaking about normal rsync +rsh/ssh/whatever, not the rsync daemon).
>> Fixing the security issues with the daemon is a much more difficult
>> proposition.
...
> Rsync is pretty agnostic about how the connection is
> established. If ssh doesn't support a security mechanism
> you find sufficient you need merely to create a utility that
> provides that subset of rsh/ssh functionality required by
> rsync.
I wasn't the one complaining - I was offering options. I fully agree (as I
said...) that rsync isn't the problem. I was just trying to explain why
allowing direct root logins really _is_ a security concern.
--
Carson
More information about the rsync
mailing list