Nick Cleaton <n...@cleaton.net> writes:

> If you really want the rsync protocol then a forced command of "${things
> such as nsjail and libcallfilt go here} rsync --server --daemon --config
> /etc/some-rsyncd.conf ." is probably about as solid as you can get it:
> rsync in daemon mode is designed to interact with an untrusted user, and
> you get to set which parts of the filesystem are readable and writable
> in /etc/some-rsyncd.conf.

> You do have to adapt the rsync client command though, to work in terms of
> modules defined in your rsyncd.conf rather than file paths:

>   rsync -av -e ssh /my/thing u...@rsync-server.example.com::backups/

Don't you lose SSH authentication this way? You're spawning a separate
daemon that I think is now using the built-in rsync authentication, which
is just password (or nothing), so an attacker can then just connect
directly to the daemon that you've spawned.

-- 
Russ Allbery (ea...@eyrie.org) <http://www.eyrie.org/~eagle/>

_______________________________________________
rssh-discuss mailing list
rssh-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rssh-discuss
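
The setup described in the quoted message, written out as an added example (it is not part of the thread and not rssh's own configuration). The module path `/srv/backups`, the key comment and the key material are placeholders. Per rsync's documentation, a daemon started through a remote shell is a single-use daemon that speaks the daemon protocol over the SSH session's stdin/stdout.

```conf
# --- ~/.ssh/authorized_keys on the server (one line per permitted key) ---
# command= replaces whatever command the client requests, so this key can
# only ever start rsync in daemon mode against the named config file.
# restrict turns off port/agent/X11 forwarding and PTY allocation.
# A sandbox wrapper (the "${things such as nsjail ...}" part of the quoted
# message) would be prefixed to the rsync command here.
# KEY_MATERIAL_PLACEHOLDER stands in for the client's real public key.
restrict,command="rsync --server --daemon --config /etc/some-rsyncd.conf ." ssh-ed25519 KEY_MATERIAL_PLACEHOLDER backup-client

# --- /etc/some-rsyncd.conf ---
# rsyncd.conf has no inline comments, so every comment sits on its own line.

# chroot() needs root; a daemon started from an unprivileged SSH login
# has to run without it.
use chroot = no

# The client addresses this module as host::backups/ and never sees a
# filesystem path outside it.
[backups]
    # Assumed location of the backup tree (placeholder).
    path = /srv/backups
    # Modules are read only by default; uploads need this switched off.
    read only = no
    # Keep the module out of module listings.
    list = no
```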