On Sun, 2007-12-16 at 22:39 +0000, Wayne Davison wrote: > Updated security-release info includes 3.0.0pre7 release.
You should make it clear that, even after this fix, daemon-excluded files are still vulnerable to a client that combines a --*-dest or --*-dir above the excluded files (which the filter doesn't prevent) with file-list path information. To close this vulnerability, rsync would have to check the path of each individual alternate basis, partial, backup, or temporary file against the filters before accessing the file. Matt -- To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
