Matt McCutchen's Web Site
/
rsync
/
rsync.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Fix significant security holes with "use chroot = no" in an rsync daemon:
[rsync/rsync.git]
/
clientserver.c
diff --git
a/clientserver.c
b/clientserver.c
index
ace360b
..
8425243
100644
(file)
--- a/
clientserver.c
+++ b/
clientserver.c
@@
-25,6
+25,7
@@
extern int read_only;
extern int verbose;
extern int rsync_port;
char *auth_user;
extern int verbose;
extern int rsync_port;
char *auth_user;
+int sanitize_paths = 0;
int start_socket_client(char *host, char *path, int argc, char *argv[])
{
int start_socket_client(char *host, char *path, int argc, char *argv[])
{
@@
-221,6
+222,7
@@
static int rsync_module(int fd, int i)
io_printf(fd,"@ERROR: chdir failed\n");
return -1;
}
io_printf(fd,"@ERROR: chdir failed\n");
return -1;
}
+ sanitize_paths = 1;
}
if (am_root) {
}
if (am_root) {
@@
-262,7
+264,7
@@
static int rsync_module(int fd, int i)
request = strdup(p);
start_glob++;
}
request = strdup(p);
start_glob++;
}
- glob_expand(name, argv, &argc, MAX_ARGS
, !use_chroot
);
+ glob_expand(name, argv, &argc, MAX_ARGS);
} else {
argc++;
}
} else {
argc++;
}
@@
-276,7
+278,7
@@
static int rsync_module(int fd, int i)
}
}
}
}
- if (
!use_chroot
) {
+ if (
sanitize_paths
) {
/*
* Note that this is applied to all parameters, whether or not
* they are filenames, but no other legal parameters contain
/*
* Note that this is applied to all parameters, whether or not
* they are filenames, but no other legal parameters contain
@@
-285,7
+287,7
@@
static int rsync_module(int fd, int i)
* and which aren't.
*/
for (i = 1; i < argc; i++) {
* and which aren't.
*/
for (i = 1; i < argc; i++) {
- sanitize_path(argv[i]);
+ sanitize_path(argv[i]
, NULL
);
}
}
}
}