Fwd: Re: need help with an rsync patch

Matthias Schniedermeyer ms at citd.de
Tue Aug 13 09:26:59 MDT 2013

On 13.08.2013 20:44, Sherin A wrote:
> On Tuesday 13 August 2013 05:50 PM, Paul Slootman wrote:
> >On Tue 13 Aug 2013, Matthias Schniedermeyer wrote:
> >>BUT there is no direct vulnerability in that, only processes after that
> >>(like backup/rsync) can make a vulnerability out of it.
> >... which is what I already wrote.
> >
> >
> >Paul
> So the solutions is to upgrade the kernel to 3.6  in all Operating
> systems installations. ?  If it is one server  , then it  was a
> solution.  Is it possible to add a flag to exclude hard inks of
> regular file instead of waiting the OS vendors for updating there
> kernel  to 3.6

The other solution, if possible, is using separate 

As hardlinks only work inside a single filesystem, if you can 
separate different things you significantly reduce the problematic 
The described "problem" with /etc/shadow can be prevented by that, if 
the file isn't on the same filesytem, it can't be hardlinked.

The advantage of this solution is that it workes for (all) older 



More information about the rsync mailing list