Should no-tweak mode become the default?
Matt McCutchen
matt at mattmccutchen.net
Sat May 10 22:41:23 GMT 2008
On Sat, 2008-05-10 at 15:22 -0700, Carl E. Thompson wrote:
> "--link-dest" introduces other security problems itself which I have
> already discussed at length.
I guess you're referring to item 2 in your original description of bug
5448? Item 2a would be solved by the daemon link-dest parameter that I
requested in bug 5449 and plan to implement in my repository. For item
2b: I don't see why putting the real previous backup inside the chroot
is worse than putting a hard-linked copy of it inside the chroot,
because a compromised daemon could destroy the backup either way. For
item 2c: if there are any specific outstanding issues that impede your
use of --link-dest, please name them.
You are of course welcome to use whatever approach you prefer, but my
point is that once bug 5449 is implemented, there is nothing wrong with
the daemon-side link-dest approach.
Matt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/rsync/attachments/20080510/5fd99990/attachment.bin
More information about the rsync
mailing list