Bug 1597 - filter module list by access rights
Summary: filter module list by access rights
Alias: None
Product: rsync
Classification: Unclassified
Component: core (show other bugs)
Version: 2.6.4
Hardware: All All
: P5 enhancement (vote)
Target Milestone: ---
Assignee: Wayne Davison
QA Contact: Rsync QA Contact
: 8506 (view as bug list)
Depends on:
Reported: 2004-08-10 08:56 UTC by Steve Friedman
Modified: 2011-10-04 05:57 UTC (History)
1 user (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Steve Friedman 2004-08-10 08:56:36 UTC
When preparing a module list (e.g., queried by "rsync hostname::"), the daemon
should filter out modules that are denied by hosts allow/deny, password rights,
etc.  This both reduces information leakage, and assures that the module can
actually be traversed.
Comment 1 Matt McCutchen 2007-01-30 16:04:40 UTC
Note comments here:

Comment 2 Steve Friedman 2007-01-31 14:19:20 UTC
My use case was a module for which access was restricted to one IP address (a backup machine).  I didn't want the existence of this module to be known to arbitrary users (information leakage never being a good thing).  I ended up using two rsync daemons, with the private one protected by iptables on a non-standard port, to prevent the announcement of the modules' existence.

When I wrote up the feature-request, I added the password rights issue.
Comment 3 Matt McCutchen 2011-10-04 05:57:24 UTC
*** Bug 8506 has been marked as a duplicate of this bug. ***