rsync over ssh - possible attack vectors
g. sullivan
gsullivan.mlists.only at googlemail.com
Fri Apr 16 18:17:36 MDT 2010
On 4/16/2010 4:30 PM, Matt McCutchen wrote:
> On Fri, 2010-04-16 at 02:16 +0200, George Sullivan wrote:
>> user1@localserver:$ rsync -rtcve ssh user1@remoteserver:/.../ /local/.../
> The remote server can change arbitrary files on the local server by
> sending a symlink and then using paths that go through the symlink. The
> current development rsync has a --munge-links option to prevent that.
> Unfortunately, that option is not available in the 3.0.x branch at this
> time.
What about --safe-links? Since I'm not using -l or -a I thought rsync
ignores symlinks altogether.
> The codebase is large and complex,
> especially with the addition of incremental recursion, and I would be
> foolish to assert that there's no way to exploit it.
Is using --no-inc-recursive a good idea then?
Thanks for your reply; it's a lot clearer now.
George
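
A post-transfer check for the symlink issue discussed in this thread, as an added example that is not part of the original message or of rsync: it walks a destination tree without following links and reports every symlink whose target is absolute or resolves outside the tree. The function names and the sample tree are constructed for illustration.

```python
import os
import tempfile


def audit_symlinks(root):
    """Map each suspicious symlink under root (relative path) to its raw target.

    A link is reported when its target is an absolute path or when it
    resolves to a location outside root.
    """
    root_real = os.path.realpath(root)
    flagged = {}
    # followlinks=False: symlinked directories are listed but never entered.
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            if not os.path.islink(path):
                continue
            raw = os.readlink(path)
            resolved = os.path.realpath(path)
            outside = os.path.commonpath([root_real, resolved]) != root_real
            if os.path.isabs(raw) or outside:
                flagged[os.path.relpath(path, root)] = raw
    return flagged


def demo():
    """Build a constructed destination tree and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "dest")
        os.makedirs(os.path.join(root, "sub"))
        open(os.path.join(root, "sub", "file.txt"), "w").close()
        # Relative link that stays inside the tree: not reported.
        os.symlink("file.txt", os.path.join(root, "sub", "ok"))
        # Relative link that climbs out of the tree: reported.
        os.symlink("../../outside", os.path.join(root, "sub", "escape"))
        # Absolute link: reported.
        os.symlink("/etc", os.path.join(root, "abs"))
        return audit_symlinks(root)


if __name__ == "__main__":
    for link, target in sorted(demo().items()):
        print(f"{link} -> {target}")
```

This only reports links that are present in the tree when the audit runs; it does not stop a write that goes through a symlink during the transfer itself.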