tim.conway@philips.com
2002-Jul-09 16:05 UTC
strip setuid/setgid bits on backup (was Re: small security-related rsync extension)
I vote for the consistent, complete log format as a solution to this sort of thing, and those who need to take non-rsync related actions based on what rsync did can write their own applications to do so. People keep coming up with some particular thing they need done for their own application, and want rsync to do that too. rsync is a tool to make one thing exactly like another. It is not an archiver (keep files compressed on the receiving end), a file mover (--move-files), two-way syncronizer, nor a distributed filesystem solution. It makes two things the same. Trying to add unrelated "features" to it just bloats the code and takes time away from making it more efficient at what it's supposed to do. "Yeah, our new model car uses gas exponentially with the distance traveled, and has to warm up for 1.5 times as long as the trip will take, but before we work on that, we want to add the dumptruck, palmpilot, and grapefruit spoon features." Who cares what we parse the log with? I, for one, DO think perl is a good solution. Text processing was what it was designed for in the first place. Tim Conway tim.conway@philips.com 303.682.4917 office, 3039210301 cell Philips Semiconductor - Longmont TC 1880 Industrial Circle, Suite D Longmont, CO 80501 Available via SameTime Connect within Philips, n9hmg on AIM perl -e 'print pack(nnnnnnnnnnnn, 19061,29556,8289,28271,29800,25970,8304,25970,27680,26721,25451,25970), ".\n" ' "There are some who call me.... Tim?"
Dan Stromberg
2002-Jul-11 15:17 UTC
strip setuid/setgid bits on backup (was Re: small security-related rsync extension)
On Tue, Jul 09, 2002 at 05:05:31PM -0600, tim.conway@philips.com wrote:> I vote for the consistent, complete log format as a solution to this sort > of thing, and those who need to take non-rsync related actions based on > what rsync did can write their own applications to do so. > > People keep coming up with some particular thing they need done for their > own application, and want rsync to do that too. rsync is a tool to make > one thing exactly like another. It is not an archiver (keep filesThen rsync is failing in that goal when it creates ~ files. I'm just trying to keep the ~ files from being a liability to anyone with any security awareness (and those who aren't aware as well). Maybe you guys all live behind firewalls with employees you can fire if there's a local root, but we have servers with thousands of students and very limited firewalling. We simply must pay attention to this stuff, and frankly even if you think you're protected, you still should take some steps to ensure security.> "Yeah, our new model car uses gas exponentially with the distance > traveled, and has to warm up for 1.5 times as long as the trip will take, > but before we work on that, we want to add the dumptruck, palmpilot, and > grapefruit spoon features."I want to remove the misfeature that throws broken glass in front of your own wheels. Is that so bad? -- Dan Stromberg UCI/NACS/DCS -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available Url : http://lists.samba.org/archive/rsync/attachments/20020711/2aaa420a/attachment.bin
Maybe Matching Threads
- strip setuid/setgid bits on backup (was Re: small security-related rsync extension)
- strip setuid/setgid bits on backup (was Re: small security-related rsync extension)
- rsync digest, Vol 1 #797 - 4 msgs
- strip setuid/setgid bits on backup (was Re: small security-related rsync extension)
- Sorry about that-New way to run Rsync on OSX