1597 – filter module list by access rights

Bug 1597 - filter module list by access rights

Summary: filter module list by access rights

Status:	ASSIGNED

Alias:	None

Product:	rsync
Classification:	Unclassified
Component:	core (show other bugs)
Version:	2.6.4
Hardware:	All All

Importance:	P5 enhancement (vote)
Target Milestone:	---
Assignee:	Wayne Davison
QA Contact:	Rsync QA Contact

URL:
Keywords:

Duplicates (1):	8506 (view as bug list)
Depends on:
Blocks:

Reported:	2004-08-10 08:56 UTC by Steve Friedman
Modified:	2011-10-04 05:57 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Steve Friedman 2004-08-10 08:56:36 UTC

When preparing a module list (e.g., queried by "rsync hostname::"), the daemon
should filter out modules that are denied by hosts allow/deny, password rights,
etc.  This both reduces information leakage, and assures that the module can
actually be traversed.

Comment 1 Matt McCutchen 2007-01-30 16:04:40 UTC

Note comments here:

http://lists.samba.org/archive/rsync/2007-January/017014.html

Comment 2 Steve Friedman 2007-01-31 14:19:20 UTC

My use case was a module for which access was restricted to one IP address (a backup machine).  I didn't want the existence of this module to be known to arbitrary users (information leakage never being a good thing).  I ended up using two rsync daemons, with the private one protected by iptables on a non-standard port, to prevent the announcement of the modules' existence.

When I wrote up the feature-request, I added the password rights issue.

Comment 3 Matt McCutchen 2011-10-04 05:57:24 UTC

*** Bug 8506 has been marked as a duplicate of this bug. ***