Patch: disable path sanitization for modules rooted at "/"
Thor Simon
Thor.Simon at twosigma.com
Wed Sep 7 13:05:37 UTC 2022
When running in daemon mode with a module rooted at "/", it is not possible to "escape" the module.
Not by prefixing a link target with "../../../../../../..".
Not by prefixing a link target with "/" nor "////".
So it seems to me that path sanitization is not useful in this case. And it breaks stuff. In particular, I have a file distribution system where large numbers of authenticated users can use rsync in daemon mode as a forced SSH command, authenticating as themselves, and path sanitization damages links like "../../../../../../../etc/localtime" in user directories - which may be dubious in purpose, but which are harmless. And I am not the arbiter of my users' data in this sense. Turning on symlink munging of course damages these data even more - I would prefer to not have it damaged at all.
Trivial fix attached.
Thor
-------------- next part --------------
A non-text attachment was scrubbed...
Name: clientserver.diff
Type: application/octet-stream
Size: 687 bytes
Desc: clientserver.diff
URL: <http://lists.samba.org/pipermail/rsync/attachments/20220907/8560eaa7/clientserver.obj>
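The post's argument rests on two facts about symlink targets in a daemon module: the kernel clamps any number of leading `..` components (or leading slashes) at the real filesystem root, so a module rooted at `/` cannot be escaped by a link target, while rsync's path sanitizer rewrites the link text anyway. The following added example (not the poster's patch and not rsync's own code) models both behaviours so the difference can be checked: `sanitize_target` is a simplified model of a "clamp to module root" sanitizer, `resolve_target` is where the kernel would actually make the link point, and `inside_module` is the containment check. Module root, link location and link targets are constructed sample values, including the poster's `../../../../../../../etc/localtime` case.

```python
import posixpath


def sanitize_target(link_path, target):
    """Simplified model of a symlink-target sanitizer (not rsync's code):
    leading slashes are treated as "the module root", and '..' components that
    would climb above the module root are dropped, so the rewritten link can
    never point outside the module.  link_path is the link's location relative
    to the module root, e.g. 'home/alice/localtime'."""
    depth = link_path.count('/')      # directory levels between module root and link
    out = []
    if target.startswith('/'):        # absolute target: rebase it onto the module root
        out = ['..'] * depth
        depth = 0
    for comp in target.split('/'):
        if comp in ('', '.'):
            continue
        if comp == '..':
            if out and out[-1] != '..':
                out.pop()             # cancels a real component we added earlier
            elif depth > 0:
                out.append('..')      # still inside the module: keep climbing
                depth -= 1
            # else: this '..' would leave the module root, so it is dropped
            continue
        out.append(comp)
    return '/'.join(out) or '.'


def resolve_target(module_root, link_path, target):
    """Where the kernel would resolve a link at module_root/link_path whose
    content is target.  posixpath.normpath clamps '..' at '/' exactly as the
    real root directory does ('/..' is '/')."""
    if target.startswith('/'):
        return posixpath.normpath('/' + target.lstrip('/'))
    link_dir = posixpath.dirname(posixpath.join(module_root, link_path))
    return posixpath.normpath(posixpath.join(link_dir, target))


def inside_module(module_root, resolved):
    """True if an already-resolved absolute path lies within module_root."""
    root = posixpath.normpath(module_root)
    return resolved == root or resolved.startswith(root.rstrip('/') + '/')


def compare(module_root, link_path, target):
    """Return (sanitized link text, unsanitized resolution, sanitized resolution)
    so the effect of the sanitizer can be compared for a given module root."""
    clean = sanitize_target(link_path, target)
    return (clean,
            resolve_target(module_root, link_path, target),
            resolve_target(module_root, link_path, clean))


if __name__ == '__main__':
    link = 'home/alice/localtime'                 # constructed sample link location
    target = '../../../../../../../etc/localtime'   # the poster's example target
    for root in ('/srv/module', '/'):
        clean, raw, cleaned = compare(root, link, target)
        print(f'module root {root!r}: link text {target!r} -> {clean!r}')
        print(f'  unsanitized resolves to {raw!r} (inside module: {inside_module(root, raw)})')
        print(f'  sanitized   resolves to {cleaned!r} (inside module: {inside_module(root, cleaned)})')
```

For a module rooted at `/srv/module` the unsanitized link resolves to `/etc/localtime`, outside the module, and the sanitizer is what keeps it inside; for a module rooted at `/` both the original and the rewritten link resolve to the same `/etc/localtime`, so the only effect of sanitizing is that the link content stored in the user's directory is no longer what the user wrote. That is why a "skip sanitization only when the module root is exactly `/`" condition is the safe shape of the change: the same code path is still the escape guard for every other module root.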