Bug 1597 - filter module list by access rights
filter module list by access rights
Status: ASSIGNED
Product: rsync
Classification: Unclassified
Component: core
2.6.4
All All
: P5 enhancement
: ---
Assigned To: Wayne Davison
Rsync QA Contact
:
: 8506 (view as bug list)
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2004-08-10 08:56 UTC by Steve Friedman
Modified: 2011-10-04 05:57 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Steve Friedman 2004-08-10 08:56:36 UTC
When preparing a module list (e.g., queried by "rsync hostname::"), the daemon
should filter out modules that are denied by hosts allow/deny, password rights,
etc.  This both reduces information leakage, and assures that the module can
actually be traversed.
Comment 1 Matt McCutchen 2007-01-30 16:04:40 UTC
Note comments here:

http://lists.samba.org/archive/rsync/2007-January/017014.html
Comment 2 Steve Friedman 2007-01-31 14:19:20 UTC
My use case was a module for which access was restricted to one IP address (a backup machine).  I didn't want the existence of this module to be known to arbitrary users (information leakage never being a good thing).  I ended up using two rsync daemons, with the private one protected by iptables on a non-standard port, to prevent the announcement of the modules' existence.

When I wrote up the feature-request, I added the password rights issue.
Comment 3 Matt McCutchen 2011-10-04 05:57:24 UTC
*** Bug 8506 has been marked as a duplicate of this bug. ***