On 2018-02-01 22:17, Ansgar Burchardt wrote:
> Philipp Kern writes:
> > On 01.02.2018 10:30, Ansgar Burchardt wrote:
> >> There is already a `buildd-uploader` role account on the upload hosts
> >> both main and security archive, a `rsync-ssh-wrap` script, and someone
> >> also set up authorized_keys.
> >> I'm just not sure if it is already in use for security uploads? I
> >> believe it was used for uploads to the main archive already (not sure if
> >> it currently is?).
> > Indeed, it uses rsync over SSH through dupload. For security it uses
> > FTP. Interestingly an rsync-security dupload.conf entry exists, but it
> > doesn't seem to be used.
> Hmm, maybe we should try if it does the right thing? The wrapper script
> should ignore the `chmod` call I mentioned in #876900, so the uploaded
> files shouldn't even be readable by other DDs.
The problem there is that rsync when used with dupload forces the
uploaded file to be world readable, until the package is moved out from
the upload directory by dupload.
Aurelien Jarno GPG: 4096R/1DDD8C9B