[Bug 11879] escape rrsync restricted folder

samba-bugs at samba.org samba-bugs at samba.org
Tue Nov 13 06:23:43 UTC 2018


Nick Cleaton <nick at cleaton.net> changed:

           What    |Removed                     |Added
                 CC|                            |nick at cleaton.net

--- Comment #2 from Nick Cleaton <nick at cleaton.net> ---
Created attachment 14648
  --> https://bugzilla.samba.org/attachment.cgi?id=14648&action=edit
rrsync patch to avoid following symlinks out of the restricted dir

This patch fixes it a different way, by preventing rrsync from following
symlinks out of the restricted dir rather than by blocking their creation.

This comes at the cost of adding a lock to prevent any other rrsync running at
the same time as a write rrsync. Without that, an attacker could bypass the
check by replacing a directory with a symlink after rrsync has checked it but
before rsync has opened it.

It's still somewhat less secure than adding --munge-links, because it's more

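The check-plus-lock approach described in the comment above, as an added Python example that is not the attached patch or rrsync's own code. The names `escapes` and `checked_transfer`, the lock file, and the reading of the lock as exclusive for writes and shared for reads are assumptions made here.

```python
import fcntl
import os
import tempfile

def escapes(restricted_dir, requested):
    """True if `requested` resolves outside restricted_dir once symlinks and '..' are followed."""
    root = os.path.realpath(restricted_dir)
    target = os.path.realpath(os.path.join(root, requested.lstrip("/")))
    return os.path.commonpath([root, target]) != root

def checked_transfer(restricted_dir, requested, lock_path, write, run):
    """Check the path and call `run` (standing in for rsync) under one lock.
    Assumed policy: writers take the lock exclusively, readers share it, so no
    cooperating writer can swap a directory for a symlink between check and use.
    The lock is advisory: it only binds processes that take it.
    """
    with open(lock_path, "a") as lock:
        fcntl.flock(lock, fcntl.LOCK_EX if write else fcntl.LOCK_SH)
        if escapes(restricted_dir, requested):
            raise PermissionError(f"{requested!r} leaves the restricted dir")
        return run(os.path.join(restricted_dir, requested))  # lock drops on close

def demo():
    """Constructed layout: jail/inside is a real dir, jail/out links to a sibling dir."""
    with tempfile.TemporaryDirectory() as top:
        jail, outside = os.path.join(top, "jail"), os.path.join(top, "outside")
        os.makedirs(os.path.join(jail, "inside"))
        os.mkdir(outside)
        os.symlink(outside, os.path.join(jail, "out"))
        lock_path = os.path.join(top, "rrsync.lock")  # hypothetical lock file

        def blocked(_path):
            # Runs while the first writer holds the lock: a second one must wait.
            with open(lock_path, "a") as other:
                try:
                    fcntl.flock(other, fcntl.LOCK_EX | fcntl.LOCK_NB)
                except BlockingIOError:
                    return True
                return False

        return {
            "inside": escapes(jail, "inside/file"),
            "via_symlink": escapes(jail, "out/file"),
            "dotdot": escapes(jail, "../outside/file"),
            "writer_excluded": checked_transfer(jail, "inside/file", lock_path, True, blocked),
        }

if __name__ == "__main__":
    print(demo())
```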