rcorujo
2007-Apr-05 18:54 UTC
Preventing non-root users from transferring root owned files
Hello, It seems that a non-root user is able to copy root owned files. By that I mean a file that has "400" permission, for example. rsync <server_host_name>::base_image/etc/<root_owned_file> . The "rsyncd.conf" file has "uid=root" and "gid=root". What options do I need to use so that root can copy root owned files, but non-root users cannot copy root owned files? That is, how do I get rsync to honor file permissions the same way that the "cp" command would? Thank you. Rigoberto -- View this message in context: http://www.nabble.com/Preventing-non-root-users-from-transferring-root-owned-files-tf3532972.html#a9860697 Sent from the Samba - rsync mailing list archive at Nabble.com.
Wayne Davison
2007-Apr-05 22:54 UTC
Preventing non-root users from transferring root owned files
On Thu, Apr 05, 2007 at 11:54:19AM -0700, rcorujo wrote:> What options do I need to use so that root can copy root owned files, but > non-root users cannot copy root owned files?You need a separate module configured for non-root access (give it a uid/gid of nobody or some other normal user). A daemon can't tell what user is running the remote program, so it always runs as the user you tell it to run as. Of course, the other option is to not use daemon access, but a remote shell (such as ssh) to enforce user permissions that way. ..wayne..