Should no-tweak mode become the default?
paul+rsync at wurtel.net
Sat May 10 19:04:16 GMT 2008
On Sat 10 May 2008, Carl E. Thompson wrote:
> The reason I wanted the default changed is because it would
> automatically fix current backup systems that are vulnerable to this
> problem without all the vulnerable folks out there having to update all
> of their software and settings (just the rsync binary). Truly, though,
> it's not really a problem in rsync but in the backup systems that made
> the assumption that rsync's default behavior is appropriate for the job
> they are giving it.
> If the default won't be changed then it would be good to at least have
> an option that can be mandated on the server (daemon) side to not tweak
> attributes. That way maintainers of existing backup software can fix it
> if they choose. Not the painless fix that changing the default would be
> but at least something to reduce this vulnerability in what is probably
> the most common usage of rsync.
My two cents...
A backup system should at the least ensure that the last version is
correct. If it has to tweak the attributes to do that, it should.
If another behaviour is required, then that's the responsibility of the
software used; rsync should not have to be changed to do that, and hence
the default should not be changed.
You don't want --link-dest, but IMHO that solves the problem for any
backup software. Dirvish for example works very well in creating a fresh
snapshot that's accurate every time without changing older snapshots.
More information about the rsync