[Fwd: Re: rsync server complaining about vanishing files while they are not.]

Tim Conway conway at us.ibm.com
Tue Jun 8 22:17:06 GMT 2004


Hans:  Unless your server is in a completely trusted network, I'd suggest 
you put down some include/exclude rules for that module, because people 
can poke about anywhere they want.
[module]
path = /only/directory/you/want/to/give/them
use chroot = no

user does
rsync server::module/../../../../../../../etc/security/passwd .

Permissions (don't put "uid = 0" in the rsyncd.conf) can prevent that one, 
but
rsync -a server::module/../../../../../../.. .
is probably something you don't want.

Tim Conway
Unix System Administration
Contractor - IBM Global Services
desk:3032734776
conway at us.ibm.com




   Yep, I have set "use chroot = no" for the module and it works.  The 
symlinks 
I have are created automatically by a tool and are absolute.  But since 
"use 
chroot = no" handles well absolute links from root/, the transfer works 
A1.

   Thanks for your input, Wayne.



More information about the rsync mailing list