DO NOT REPLY [Bug 1890] TLS for rsync protocol
samba-bugs at samba.org
samba-bugs at samba.org
Sat Aug 8 05:44:14 MDT 2009
https://bugzilla.samba.org/show_bug.cgi?id=1890
------- Comment #6 from devzero at web.de 2009-08-08 06:44 CST -------
when using rsync over ssh, you give a remote user interactive shell access.
shell access is not needed for that and may quite often impose a severe
security risk. (undermine firewall policies etc)
how do you prevent that ?
there may be some way to use a restricted shell like scponly, but all such
solutions are just an ugly hack, as they are adressing an architectural
problem.
furthermore , you cannot use ssh for encryption when running rsync in daemon
mode.
so, the demand for "sending/receiving data trough an encrypted socket
connection" is valid, and thus the request for tls here.
--
Configure bugmail: https://bugzilla.samba.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
More information about the rsync
mailing list