On Sun, 2007-12-16 at 22:39 +0000, Wayne Davison wrote:> Updated security-release info includes 3.0.0pre7 release.You should make it clear that, even after this fix, daemon-excluded files are still vulnerable to a client that combines a --*-dest or --*-dir above the excluded files (which the filter doesn't prevent) with file-list path information. To close this vulnerability, rsync would have to check the path of each individual alternate basis, partial, backup, or temporary file against the filters before accessing the file. Matt
On security.html, Wayne Davison wrote:> the various --*-dest options (which shouldn't cause you any problems, > since they only supply extra basis information for the transfer)I take issue with this claim. The itemize output leaks information about whether files with certain names exist in the excluded dir. Furthermore, a client with a lot of patience can make a hard link to an excluded file by using --link-dest and --size-only and guessing every possible size of the file. Matt
Seemingly Similar Threads
- [Bug 14371] New: Combined Exclude & Protect Filter Type
- [Bug 8201] New: rsync 3.0.8 destroys SELinux security context of symbolic links
- DO NOT REPLY [Bug 5792] New: rsync fails to log files "sent" with options: --itemize-changes -n --log-file
- DO NOT REPLY [Bug 7109] New: Need to define NO_SYMLINK_XATTR on Linux
- Request for exclude syntax assistance