Security issues when rsyncing directories as root

Marc Haber mh+rsync at
Thu Oct 18 14:31:03 UTC 2018


I am using rsync to keep two directores on two servers in sync. Machine
A, the "client" is the one where the rsync process is invoked, which
then logs into Machine B, the "server" as root with ssh and a key. The
key is restricted in /root/.ssh/authorized_keys to a script that checks
wither $SSH_ORIGINAL_COMMAND matches the rsync --server command that I
expect, such as, for example,
rsync --server -re.iLsfxC --delete . /etc/dhcp/synced/

Unfortunately, this is rather restrictive and unflexible.

Things would be easier if rsync would have an option like
--restrict-write, making rsync not write anywhere outside the path given
there. That way, my script would be easier an I would only need to check
server-wise whether the command line being called contains the
--restrict-write option with the correct directory.

Would that make sense? Or am I more in the market for an rsync daemon
with the "path" and "write only" options set? If so, would I need to
have an rsync daemon _running_ on the remote side if I use the rsync
--rsh=ssh /path/to/local/dir host::module syntax?


Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany    |  lose things."    Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature |  How to make an American Quilt | Fax: *49 6224 1600421

More information about the rsync mailing list