Rsync-daemon security advisories for writable daemons

Paul Slootman paul+rsync at
Mon Dec 10 20:20:22 GMT 2007

On Tue 27 Nov 2007, Wayne Davison wrote:
> Starting with the 3.0.0-pre6 release, there will be a new daemon option
> available: "munge symlinks".  This will allow an rsync daemon to accept
> symlinks and return them intact (with even a leading slash still there,
> which is new for a non-chroot daemon), but will not allow the symlinks
> to be used while they are in the daemon's hierarchy.  For those running
> 2.6.9, there is a patch to enable this option:

It seems that people running the Debian 2.6.9-5.1 version which has this
patch applied. are running into problems where rsync wants to set
permissions on symlinks. The bug report and extra info is at .  I can't dig into this until tomorrow,
so if someone wants to have a look in the meantime...

Paul Slootman

More information about the rsync mailing list