On Tue, Jan 14, 2003 at 10:01:47PM -0600, Lee Eakin wrote: > Yes, people do restrict args via ssh key restrictions.
OK, I thank you both for enlightening me on the subject. My current patch applies the sanitize_path() function to all names read via the --files-from option, regardless of whether we're pushing or pulling. This means that all leading slashes are dropped from file names as well as all leading "../" prefixes, and that any infix "dir/../" combos are removed. This ensures that we can't get above the root dir that was specified on the command-line. > so any sanitize code could first make sure all pathnames begin with a valid > module and then make sure the file or dir is really inside that module. This isn't needed since the module name is specified on the command-line and then all paths are relative to the directory that was specified in that module. For instance: rsync --files-from=foo remote::module/bar forces all pathnames read to be relative to the bar dir of the module. If no "/bar" path was specified, the paths would all be relative to the root-dir of the module. ..wayne.. -- To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.tuxedo.org/~esr/faqs/smart-questions.html