Fwd: Re: need help with an rsync patch
sherinmon at gmail.com
Tue Aug 13 01:13:33 MDT 2013
On Tuesday 13 August 2013 12:23 PM, Joe wrote:
> Is there any way at all to say which is the original file and which is
> the hard link? I'll bet there isn't, although I'm not an internals guy
> at all. If so, this would be impossible to do. The inode is the
> "original", but all the file table entries to it are hard links (if
> they're not symlinks.)
> I guess the question is, what do you really want to accomplish?
> The fact that more than one hard link exists probably means it really
> does need to be backed up - or that the hard link shouldn't be there in
> the original file system.
> On 08/13/2013 01:11 AM, Sherin A wrote:
>> Can someone create a patch for excluding "hard link regular file"
>> from copying? Maybe like a command flag, rsync
>> --no-hardlink-copy ....
I think it is possible to check whether a file is a regular file or
has more than one link (you can check it with the stat system call).

The situation is that we have an rsync command on a server which will copy
files of local users to a remote server / filesystem. It also has the
ability to restore them; it is a simple backup. But if a user creates a
hard link to /etc/shadow from his home dir, and he requests a restore,
then he can read the shadow files and decrypt them.

So if there is an option to avoid hard links during the copy process, it
will add extra security. It only needs to add the following check:

1) Check whether the file that is going to be copied is a regular file or has
more than 1 link

Also, we have checked a lot of other third-party software that uses this
rsync too, which all have this race condition exploit running on.

Let me know if you need a POC.
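
The check proposed in the message above, as an added example that is not part of the original post and not rsync code: a backup reader opens each candidate, then applies the regular-file and link-count test to the open descriptor so the inode that was checked is the one that gets read. The function name `open_single_link_regular` and the errno values chosen are assumptions made for this sketch.

```c
#define _POSIX_C_SOURCE 200809L   /* for O_NOFOLLOW */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper, not an rsync function: open `path` for a backup read
 * only if it is a regular file with exactly one link. Returns an open fd,
 * or -1 with errno set (EMLINK: hard-linked, EINVAL: not a regular file,
 * ELOOP: final path component is a symlink). */
int open_single_link_regular(const char *path)
{
    struct stat st;
    int err;
    /* O_NONBLOCK keeps open() from hanging if the name is a FIFO. */
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK);
    if (fd < 0)
        return -1;
    /* fstat() the descriptor rather than stat() the path: the inode that
     * is checked is then the inode that gets read, even if the name is
     * replaced between the check and the copy. */
    if (fstat(fd, &st) != 0)
        err = errno;
    else if (!S_ISREG(st.st_mode))
        err = EINVAL;
    else if (st.st_nlink > 1)      /* another name shares this inode */
        err = EMLINK;
    else
        return fd;
    close(fd);
    errno = err;
    return -1;
}

/* Usage: ./a.out FILE...  prints which paths a copy pass would skip. */
int main(int argc, char **argv)
{
    for (int i = 1; i < argc; i++) {
        int fd = open_single_link_regular(argv[i]);
        printf("%s %s\n", fd < 0 ? "skip" : "copy", argv[i]);
        if (fd >= 0)
            close(fd);
    }
    return 0;
}
```

On Linux, the `fs.protected_hardlinks` sysctl addresses the same problem earlier, at the point where the link is created.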