Rsync-daemon security advisories for writable daemons

Matt McCutchen matt at mattmccutchen.net
Mon Dec 10 21:09:34 GMT 2007


On Mon, 2007-12-10 at 21:20 +0100, Paul Slootman wrote:
> It seems that people running the Debian 2.6.9-5.1 version which has this
> patch applied are running into problems where rsync wants to set
> permissions on symlinks.

In the report rsync seems to want to set mtimes, not permissions.

> The bug report and extra info is at
> http://bugs.debian.org/455194 .  I can't dig into this until tomorrow,
> so if someone wants to have a look in the meantime...

My guess is that the problem has nothing to do with the munge-symlinks
patch itself and it is just that the 2.6.9-5.1 package was built on a
newer system.

Specifically: A lutimes function to set symlink mtimes was recently
added to glibc, and the underlying utimensat system call was added to
Linux 2.6.22.  Rsync's configure script checks whether the build
machine's glibc advertises a non-stub lutimes function; if so, the built
executable tries to set symlink mtimes.  If a copy of rsync built on a
machine with lutimes runs on a machine without it (e.g., kernel before
2.6.22), rsync will try and fail to set symlink mtimes.  Thus, if the
Debian build machine were upgraded to support lutimes between the
building of the 2.6.9-5 and 2.6.9-5.1 packages, that would explain what
users are seeing.

Rsync 3.0.0 has been changed to ignore errors in lutimes calls to avoid
harassing users in situations like this:

http://git.samba.org/?p=rsync.git;a=commit;h=149a78e33f1632c8a3bdd00e10aecf69c8d5608d

Debian could adopt this change or disable lutimes again for everybody by
passing ac_cv_func_lutimes=no to the configure script.

Matt
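
The build-time versus run-time mismatch described in the message above, as an added example that is not part of the original message and is not rsync's code: a C helper that sets a symlink's own mtime with lutimes and reports ENOSYS (the errno a missing system call produces) as "unsupported" instead of a hard error. The function names, result codes, temporary path and timestamp are assumptions made for this example.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* exposes lutimes(), mkdtemp(), symlink() in glibc */
#endif
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/time.h>
#include <unistd.h>

/* Result codes are hypothetical names for this example, not rsync's. */
enum { MTIME_SET = 0, MTIME_UNSUPPORTED = 1, MTIME_ERROR = -1 };

/* Set the mtime of the symlink itself (not its target).
 * ENOSYS means the running kernel has no system call behind lutimes(),
 * even though the libc the binary was built against declared it. */
int set_symlink_mtime(const char *path, time_t mtime)
{
    struct timeval tv[2] = { { mtime, 0 }, { mtime, 0 } }; /* atime, mtime */

    if (lutimes(path, tv) == 0)
        return MTIME_SET;
    return errno == ENOSYS ? MTIME_UNSUPPORTED : MTIME_ERROR;
}

/* Constructed test case: a dangling symlink in a fresh temporary directory.
 * Returns the helper's result code, or -1 if anything was inconsistent. */
int demo_symlink_mtime(void)
{
    char dir[] = "/tmp/lutimes-demo-XXXXXX";
    char path[64];
    struct stat st;
    const time_t want = 1197320974; /* constructed sample timestamp */
    int rc, ok;

    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(path, sizeof path, "%s/link", dir);
    if (symlink("no-such-target", path) != 0) { rmdir(dir); return -1; }
    rc = set_symlink_mtime(path, want);
    ok = rc == MTIME_UNSUPPORTED ||
         (rc == MTIME_SET && lstat(path, &st) == 0 && st.st_mtime == want);
    unlink(path);
    rmdir(dir);
    return ok ? rc : -1;
}

int main(void)
{
    return demo_symlink_mtime() < 0; /* exit 0 when set or cleanly skipped */
}
```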


