--relative simplification

Matt McCutchen matt at mattmccutchen.net
Sun Nov 4 17:56:57 GMT 2007

I observed the following about --relative:

1. From the user's perspective, its only effect is to change the suffix
of a source argument path that is included in file-list paths.  The
suffix starts after the first ./ with --relative or the last / without
it; if the marker is not present, the entire source argument path is

2. An evil client might push a file list containing multicomponent
top-level paths to a daemon without passing --relative.  If running
non-(--relative) code on such paths has security implications for the
daemon, the daemon needs to validate that the file list is free of them
if --relative is not passed.

In light of these observations, I propose that rsync check --relative
only in the interpretation of source arguments and everywhere else use
the code that handles the general case of --relative whether or not it
was passed.  This way, separate code for the special case of
non-(--relative) does not have to be maintained, and inconsistencies in
behavior with and without --relative will be less likely.  A client
sender should still pass --relative on to the server in case the server
is old and needs it to behave correctly.


More information about the rsync mailing list