[Bug 11879] escape rrsync restricted folder
samba-bugs at samba.org
Tue Nov 13 06:23:43 UTC 2018
https://bugzilla.samba.org/show_bug.cgi?id=11879
Nick Cleaton <nick at cleaton.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |nick at cleaton.net
--- Comment #2 from Nick Cleaton <nick at cleaton.net> ---
Created attachment 14648
--> https://bugzilla.samba.org/attachment.cgi?id=14648&action=edit
rrsync patch to avoid following symlinks out of the restricted dir
This patch fixes it a different way, by preventing rrsync from following
symlinks out of the restricted dir rather than by blocking their creation.
This comes at the cost of adding a lock to prevent any other rrsync running at
the same time as a write rrsync. Without that, an attacker could bypass the
check by replacing a directory with a symlink after rrsync has checked it but
before rsync has opened it.
It's still somewhat less secure than adding --munge-links, because it's more
complex.
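The approach described in the comment above, sketched as an added example (this is not the attached patch and not rrsync's own code): resolve the requested path with symlinks followed, refuse it if it lands outside the restricted dir, and hold a lock across both the check and the transfer so that a write transfer never runs alongside another transfer. The function names, the lock file and the `run` callback are assumptions made for this illustration.

```python
import contextlib
import fcntl
import os


def resolves_inside(restricted_dir, requested):
    """True if `requested`, with every symlink followed, stays under restricted_dir."""
    root = os.path.realpath(restricted_dir)
    target = os.path.realpath(os.path.join(root, requested.lstrip("/")))
    return os.path.commonpath([root, target]) == root


@contextlib.contextmanager
def transfer_lock(lock_path, write):
    """Exclusive lock for a write transfer, shared lock for a read transfer.

    Non-blocking: raises BlockingIOError if a conflicting transfer holds the lock.
    """
    fd = os.open(lock_path, os.O_RDWR | os.O_CREAT, 0o600)
    try:
        mode = fcntl.LOCK_EX if write else fcntl.LOCK_SH
        fcntl.flock(fd, mode | fcntl.LOCK_NB)
        yield
    finally:
        os.close(fd)  # closing the descriptor releases the flock


def guarded_transfer(restricted_dir, requested, write, lock_path, run):
    """Check the path, then call run(resolved_path), with the lock held throughout.

    `run` is a hypothetical stand-in for launching the real transfer. Because the
    lock covers both the check and the transfer, no other lock-taking writer can
    swap a directory for a symlink between the two steps.
    """
    with transfer_lock(lock_path, write):
        if not resolves_inside(restricted_dir, requested):
            raise PermissionError(
                f"{requested!r} resolves outside {restricted_dir!r}")
        root = os.path.realpath(restricted_dir)
        return run(os.path.realpath(os.path.join(root, requested.lstrip("/"))))
```

The lock only excludes processes that take the same lock, which matches the comment's scope of other rrsync instances; anything else able to write inside the restricted dir is not covered by it.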