The branch, master has been updated via 55ad8757 Make a `--trust-sender` a bit clearer. via 3e4b0117 One more doc tweak. from 2f1d1d5c Add packaging note.
https://git.samba.org/?p=rsync.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 55ad8757ec32f9aa202305ea6e0d72bd55d66efd Author: Wayne Davison <wa...@opencoder.net> Date: Wed Aug 10 16:25:37 2022 -0700 Make a `--trust-sender` a bit clearer. commit 3e4b01173ab2c6f8014a027bd69f1443b20b3a68 Author: Wayne Davison <wa...@opencoder.net> Date: Wed Aug 10 08:47:11 2022 -0700 One more doc tweak. ----------------------------------------------------------------------- Summary of changes: rsync.1.md | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) Changeset truncated at 500 lines: diff --git a/rsync.1.md b/rsync.1.md index 627c4290..f29495f2 100644 --- a/rsync.1.md +++ b/rsync.1.md @@ -2414,17 +2414,19 @@ expand it. 0. `--trust-sender` - Disable the extra validation of the file list from a remote sender (this - safety feature was added in 3.2.5). This should only be done if you trust - the sender to not try to do something malicious, which should be the case - if they're running a stock rsync. + This option disables two extra validation checks that a local client + performs on the file list generated by a remote sender. This option should + only be used if you trust the sender to not put something malicious in the + file list (something that could possibly be done via a modified rsync, a + modified shell, or some other similar manipulation). - Normally when pulling files from a remote rsync, the client runs 2 extra - validation checks: + Normally, the rsync client (as of version 3.2.5) runs two extra validation + checks when pulling files from a remote rsync: - - Verify that additional arg items didn't get added at the top of the + - It verifies that additional arg items didn't get added at the top of the transfer. - - Verify that none of the items in the file list should have been excluded. + - It verifies that none of the items in the file list are names that should + have been excluded (if filter rules were specified). Note that various options can turn off one or both of these checks if the option interferes with the validation. For instance: @@ -2440,8 +2442,11 @@ expand it. This option may help an under-powered client server if the extra pattern matching is slowing things down on a huge transfer. It can also be used to - work around a currently-unknown bug in the verification logic, possibly - after using the [`--list-only`](#opt) option to approve the file list. + work around a currently-unknown bug in the verification logic for a transfer + from a trusted sender. + + When using this option it is a good idea to specify a dedicated destination + directory, as discussed in the [MULTI-HOST SECURITY](#) section. 0. `--copy-as=USER[:GROUP]` -- The rsync repository. _______________________________________________ rsync-cvs mailing list rsync-cvs@lists.samba.org https://lists.samba.org/mailman/listinfo/rsync-cvs