On Wed, Sep 7, 2022 at 6:25 AM Thor Simon wrote: > When running in daemon mode with a module rooted at “/” [...] it seems to > me that path sanitization is not useful in this case. >
In a typical Linux install, the default of "use chroot = true" already results in sanitize_paths = 0 for a path "/' module, so you must have "use chroot = false" set in your config file. The test you added is already a part of the prior "if" since module_dirlen is 0 when the module_dir is "/". Thus, the weird part is why the code thinks that we need to force sanitation on for all use-chroot=off cases (especially when a chroot("/") doesn't accomplish anything extra for a "/" path). In looking at the various module configuration possibilities, if we're not chrooted and not serving "/", then a check of just module_dirlen is sufficient to get sanitation enabled. If we are chrooted and we have an inner module_dirlen, that also triggers the sanitization. So it seems to me that the earlier check can be changed to be just "if (module_dirlen)". I'll probably make that change after a bit more contemplation. ..wayne..
-- Please use reply-all for most replies to avoid omitting the mailing list. To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html