Re: need help with an rsync patch

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chown itself is not insecure. The indiscriminate chowning of all files creates security issues. You can use --fake-super on push backups. In fact that is what - --fake-super is DESIGNED FOR. You just have to make sure that - --fake-super is running

Re: need help with an rsync patch

On Thursday 29 August 2013 11:46 PM, Wayne Davison wrote: On Tue, Aug 27, 2013 at 8:03 PM, Sherin A > wrote: Hope they will report it as a vulnerability , because this POC has been exploited successfully and it is affected by all software that use rsync

Re: Potential incompatibilities between '--delete' and --copy-unsafe-symlinks' ???

Wayne, Thanks so much for your spot-on reply. More inline below. On Sun, Aug 25, 2013, Wayne Davison wrote: > On Sat, Aug 24, 2013 at 3:19 PM, Daniel Freedman wrote: > > In particular, I've been having long-standing issues (just now > > getting around to trying to resolve them) when I use rsync

Re: need help with an rsync patch

On Tue, Aug 27, 2013 at 8:03 PM, Sherin A wrote: > Hope they will report it as a vulnerability , because this POC has been > exploited successfully and it is affected by all software that use rsync > as a backup and restore tool. This is totally false. The vulnerability is your insecure u