Alain D D Williams <a...@phcomp.co.uk> writes:

> A recent problem with a rsync/rssh setup that has worked since 2012.
> This happened since update to rssh-2.3.4-15 a few days ago.  Running on
> a CentOS 6 machine.

> The recent patch forbids the --daemon option - but I need this as I want
> an instance of rsync (running over ssh) that exports two modules. The
> files in the modules are not publicly visible - thus only available over
> ssh as a particular user (public key authentication).

> The patch contains the comment:

> "Also scan the rsync command line for any --rsh, --config, or --daemon
> option and reject it as well.  This replaces and improves the upstream
> strategy for rejecting that command-line option, taking advantage of
> the parsing added to check the -e option.  --config can be used to run
> commands via "pre-xfer exec" when running as a daemon, plus the client
> should not be able to spawn daemons."

> So: how do I do this with this patch applied?

You unfortunately can't.  I couldn't convince myself that --daemon was
safe in the rssh security model.

If you can convince yourself that it is, you can remove --daemon from the
options that are blocked.  Make sure that the configuration file isn't
writable by the user via rsync, since otherwise this is trivial RCE, and
be sure that other options like --address and --port don't allow someone
to do something that you don't expect.

-- 
Russ Allbery (ea...@eyrie.org)             <https://www.eyrie.org/~eagle/>


_______________________________________________
rssh-discuss mailing list
rssh-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rssh-discuss
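
The caveat above about the configuration file can be checked mechanically. This is an added example, not code from rssh or from either poster: it parses a constructed rsyncd.conf and reports whether the file sits inside a module that is not read only, or is owned or writable by the restricted account. The function names, sample modules and paths are assumptions, and the parser is simplified (no line continuations or include directives).

```python
import posixpath
import stat

# Constructed sample config; module names and paths are made up.
SAMPLE_CONF = """\
use chroot = no
read only = yes
[reports]
    path = /srv/rsync/reports
[upload]
    path = /home/backup
    read only = no
"""
FALSE_VALUES = {"no", "false", "0"}

def writable_modules(conf_text):
    """Return {module: path} for modules whose effective 'read only' is false."""
    globals_, modules, current = {}, {}, None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = modules.setdefault(line[1:-1].strip(), {})
        elif "=" in line:
            key, value = line.split("=", 1)
            target = globals_ if current is None else current
            target[" ".join(key.lower().split())] = value.strip()
    result = {}
    for name, params in modules.items():
        # Modules are read only by default; global settings act as defaults.
        read_only = params.get("read only", globals_.get("read only", "yes"))
        if read_only.lower() in FALSE_VALUES and "path" in params:
            result[name] = posixpath.normpath(params["path"])
    return result

def audit_config(conf_path, conf_text, st_uid, st_mode, user_uid):
    """List reasons the restricted user could modify the daemon config.
    Assumes absolute paths; st_uid/st_mode come from os.stat(conf_path)."""
    findings = []
    conf_path = posixpath.normpath(conf_path)
    for name, root in writable_modules(conf_text).items():
        if posixpath.commonpath([root, conf_path]) == root:
            findings.append(f"config is inside writable module [{name}]")
    if st_uid == user_uid:
        findings.append("config is owned by the restricted user")
    if st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append("config is group- or world-writable")
    return findings
```

The path comparison is lexical, so symlinks and the permissions of the parent directories still need to be checked separately.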
