The Samba-Bugzilla – Bug 11879
escape rrsync restricted folder
Last modified: 2016-05-26 16:12:06 UTC
It is possible to escape rrsync restricted folder by syncing (using rsync -a ...) a symbolic link to the parent folder and then syncing with this symbolic link.
Concretely, we could do:
ln -s .. parent
rsync -acrvz . login@server:
and then we can rsync with login@server:parent to read/write files in the parent folder of the restricted folder.
Created attachment 12132 [details]
Adding '--safe-links' or '--munge-links' on server side should fix this.
I actually hardcoded it on some of my servers. The version of rsync present didn't have the --munge-links option so I used --safe-links.
I'm not proposing this change be included, it's just a quick'n'dirty hack while someone more experienced has an actual fix.