Restricting rsync over ssh

Dmitry V. Levin ldv at altlinux.org
Tue Dec 28 16:43:26 GMT 2004


On Tue, Dec 28, 2004 at 05:24:27PM +0100, Bob wrote:
> I would like to avoid using chroot because it implies my dummy-shell 
> must run in suid root. Furthermore, it forces to create a jail with the 
> binaries and libraries inside. I was thinking to this solution to avoid 
> doing this.

Is there any reason to avoid this jail solution?

> Do you think there are some security issues using realpath 
> instead of chroot ?

Yes, realpath introduces time-of-check-time-of-use race condition:
during the check your canonical path is fine, then user changes some
symlinks (using shell or via rsync) and gets out of his home directory.


-- 
ldv
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/rsync/attachments/20041228/5eee9d61/attachment.bin


More information about the rsync mailing list