Feature request: save-as-user
qms01 at optusnet.com.au
Sat Sep 13 22:32:19 GMT 2008
On 14/09/08 04:53:55, Carlos Carvalho wrote:
> Quey (qms01 at optusnet.com.au) wrote on 13 September 2008 07:10:
> >Is it possible to request a new feature that will help out some
> >doing many mirrors, that is each mirror has their own system uid
> >security puroposes, it would be of great advantage (to I'm sure
> >many) to have an option to "save as user" <some_user> rather
> >have the files/directories only owned by the mirror host side
> >owner/group, or by root.
> >maybe something like a --chown user.group
> We host many mirrors and this feature is not at all necessary. Just
> run rsync with the user that owns that particular mirror. If you
> to launch the update as root just use su.
We feel it is for security reasons.
A number of these mirrors are also WWW mirrors with all sorts of php
and cgi crud, we have some mirrors that actually have the same remote
server uid, therefor they both have the same uid on our system, and
if one was attacked and exploited then I dont want to have anyone
have to explain why another mirror was also taken, script kiddies can
be very bored sometimes and as you know once acces sis gained as user
X, then you can do whatever as user X, and I rather be safer than
sorry, the patch Wayne has pointed me to means we no longer have to
run dozens of recursive chowns in the crons adding to the high I/O
already on those machines.
> Please use reply-all for most replies to avoid omitting the mailing
> To unsubscribe or change options:
> Before posting, read:
More information about the rsync