rsync over ssh - possible attack vectors

g. sullivan gsullivan.mlists.only at
Fri Apr 16 18:17:36 MDT 2010

On 4/16/2010 4:30 PM, Matt McCutchen wrote:
> On Fri, 2010-04-16 at 02:16 +0200, George Sullivan wrote:
>> user1 at localserver:$ rsync -rtcve ssh user1 at remoteserver:/.../ /local/.../

> The remote server can change arbitrary files on the local server by
> sending a symlink and then using paths that go through the symlink.  The
> current development rsync has a --munge-links option to prevent that.
> Unfortunately, that option is not available in the 3.0.x branch at this
> time.

What about --safe-links? Since I'm not using -l or -a I thought rsync 
ignores symlinks altogether.

 > The codebase is large and complex,
 > especially with the addition of incremental recursion, and I would be
 > foolish to assert that there's no way to exploit it.

Is using --no-inc-recursive a good idea then?

Thanks for your reply it's a lot clearer now.


More information about the rsync mailing list