Daemon exclude fix [Re: CVS update: rsyncweb]
Matt McCutchen
matt at mattmccutchen.net
Mon Dec 17 01:33:53 GMT 2007
On security.html, Wayne Davison wrote:
> the various --*-dest options (which shouldn't cause you any problems,
> since they only supply extra basis information for the transfer)
I take issue with this claim. The itemize output leaks information
about whether files with certain names exist in the excluded dir.
Furthermore, a client with a lot of patience can make a hard link to an
excluded file by using --link-dest and --size-only and guessing every
possible size of the file.
Matt
More information about the rsync
mailing list