X-Git-Url: https://mattmccutchen.net/rsync/rsync.git/blobdiff_plain/9aacb4df0e29b11e298d7353467d821e4a17cc12..04f48837d10a562860556cd7b23f59653f3564c1:/rsyncd.conf.yo

diff --git a/rsyncd.conf.yo b/rsyncd.conf.yo
index 4186ad4d..448b45e6 100644
--- a/rsyncd.conf.yo
+++ b/rsyncd.conf.yo
@@ -163,7 +163,7 @@ specified.
 Note that you are free to setup user/group information in the chroot area
 differently from your normal system.  For example, you could abbreviate
 the list of users and groups.  Also, you can protect this information from
-being downloaded/uploaded by adding an exclude rule to the rsync.conf file
+being downloaded/uploaded by adding an exclude rule to the rsyncd.conf file
 (e.g. "exclude = /etc/**").  Note that having the exclusion affect uploads
 is a relatively new feature in rsync, so make sure your daemon is
 at least 2.6.3 to effect this.  Also note that it is safest to exclude a
@@ -470,6 +470,9 @@ quote(itemize(
   it() bf(RSYNC_REQUEST): (pre-xfer only) The module/path info specified
   by the user (note that the user can specify multiple source files,
   so the request can be something like "mod/path1 mod/path2", etc.).
+  it() bf(RSYNC_ARG#): (pre-xfer only) The pre-request arguments are set
+  in these numbered values. RSYNC_ARG0 is always "rsyncd", and the last
+  value contains a single period.
   it() bf(RSYNC_EXIT_STATUS): (post-xfer only) rsync's exit value.  This will be 0 for a
   successful run, a positive value for an error that rsync returned
   (e.g. 23=partial xfer), or a -1 if rsync failed to exit properly.
@@ -485,11 +488,11 @@ enddit()
 manpagesection(AUTHENTICATION STRENGTH)
 
 The authentication protocol used in rsync is a 128 bit MD4 based
-challenge response system. Although I believe that no one has ever
-demonstrated a brute-force break of this sort of system you should
-realize that this is not a "military strength" authentication system.
-It should be good enough for most purposes but if you want really top
-quality security then I recommend that you run rsync over ssh.
+challenge response system. This is fairly weak protection, though (with
+at least one brute-force hash-finding algorithm publicly available), so
+if you want really top-quality security, then I recommend that you run
+rsync over ssh.  (Yes, a future version of rsync will switch over to a
+stronger hashing method.)
 
 Also note that the rsync daemon protocol does not currently provide any
 encryption of the data that is transferred over the connection. Only