[Bug 12576] popt aliases allow users to bypass sudo argument restrictions

samba-bugs at samba.org samba-bugs at samba.org
Mon Feb 13 21:12:40 UTC 2017


https://bugzilla.samba.org/show_bug.cgi?id=12576

--- Comment #7 from Kevin Korb <rsync at sanitarium.net> ---
I have been thinking about this a bit and I believe it is a sudo problem and
not an rsync problem.  It is not rsync's job to secure the command line.  Plus
rsync is far from the only program that uses popt to parse the command line and
therefore not the only program that would be affected by this problem.

However, I do think that Wayne should add at least one of your patches since
this would also affect rrsync and other forms of ssh ForcedCommands.

Note that I don't know much about popt and might be missing something
obvious/simple.

-- 
You are receiving this mail because:
You are the QA Contact for the bug.



More information about the rsync mailing list