Fwd: Re: need help with an rsync patch

Paul Slootman paul+rsync at wurtel.net
Tue Aug 13 07:51:05 MDT 2013

On Tue 13 Aug 2013, Matthias Schniedermeyer wrote:
> I read your sentence differently:
> > If he can make a HARD link to the shadow file, then he can already 
> > read it - and worse.
> My understanding of your sentence says:
> The ability to hardlink, means that anyone can read any file they can 
> make a hardlink to.

Then I didn't express myself clearly enough. Again, keep in mind I was
thinking from the perspective of a linux 3.6 and up kernel without any
sys tweaks.

> Having access to the directory entry is not the same as having access to 
> the inode. User/group/permission is on the inode NOT the 
> directory-entry.

I have access to the inode when I do an "ls -l" of the file :-P
perhaps you mean "modification permissions". Then again, when
hardlinking, I'm changing the link count which is stored in the inode... :)

I'm done here... coming back to the OP's problem: if the backup is made
by root, then a user should not be allowed to access all parts of that
backup. The security problem is there, and not in rsync.


More information about the rsync mailing list