error rsync'ing links of the form ../xxx
Wayne Davison
wayned at samba.org
Tue May 2 18:15:10 GMT 2006
On Tue, May 02, 2006 at 09:13:47AM -0400, Gary Aviv wrote:
> In fact, even if the link is invalid it should be transfered.
The desire is to make a daemon that is running without chroot work as
closely as possible to a daemon that is running with chroot. So, what
we definitely need to avoid is letting a user create a symlink that then
gives them access to a file outside of the module's directory. It seems
to me that this would best be done by not sanitizing the symlink on the
way into the server, but instead ensuring that any symlink expansion
when requesting files does not succeed in reading data from outside the
module's path. This is a little less efficient to implement than
tweaking the paths on the way in (since it would require an extra stat
to check if we're expanding a symlink), but I think it would make things
work quite a bit better, and the extra work would only need to be done
when one of the --copy-links options was used with a daemon that was not
using chroot.
I have not implemented the above idiom yet, but I did fix the problem
where the sanitizing was being too aggressive in removing allowable ..
references. You can try out that version by fetching the latest nightly
tar file or the CVS version.
..wayne..
More information about the rsync
mailing list