Rsync-daemon security advisories for writable daemons

Olivier Thauvin nanardon at nanardon.zarb.org
Mon Dec 10 21:20:26 GMT 2007


Le lundi 10 décembre 2007, Matt McCutchen a écrit :
> On Mon, 2007-12-10 at 21:20 +0100, Paul Slootman wrote:
> > It seems that people running the Debian 2.6.9-5.1 version which has this
> > patch applied. are running into problems where rsync wants to set
> > permissions on symlinks.
>
> In the report rsync seems to want to set mtimes, not permissions.
>
> > The bug report and extra info is at
> > http://bugs.debian.org/455194 .  I can't dig into this until tomorrow,
> > so if someone wants to have a look in the meantime...
>
> My guess is that the problem has nothing to do with the munge-symlinks
> patch itself and it is just that the 2.6.9-5.1 package was built on a
> newer system.
>
> Specifically: A lutimes function to set symlink mtimes was recently
> added to glibc, and the underlying utimensat system call was added to
> Linux 2.6.22.  Rsync's configure script checks whether the build
> machine's glibc advertises a non-stub lutimes function; if so, the built
> executable tries to set symlink mtimes.  If a copy of rsync built on a
> machine with lutimes runs on a machine without it (e.g., kernel before
> 2.6.22), rsync will try and fail to set symlink mtimes.  Thus, if the
> Debian build machine were upgraded to support lutimes between the
> building of the 2.6.9-5 and 2.6.9-5.1 packages, that would explain what
> users are seeing.

I had the same issue on some mandriva system, to avoid the issue I did:

perl -pi -e 's:^#define HAVE_LUTIMES 1$:/* #undef HAVE_LUTIMES */:' config.h

This "issue" exists also in rsync 2.6.9. I don't how to really fix into rsync, 
except checking uname to get the running kernel's version.

Regards.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://lists.samba.org/archive/rsync/attachments/20071210/c2c74c77/attachment.bin


More information about the rsync mailing list