Bug 7510 - rsyncd.conf: Default path=/ is dangerous
Summary: rsyncd.conf: Default path=/ is dangerous
Alias: None
Product: rsync
Classification: Unclassified
Component: core (show other bugs)
Version: 3.1.0
Hardware: Other Other
: P3 normal (vote)
Target Milestone: ---
Assignee: Wayne Davison
QA Contact: Rsync QA Contact
Depends on:
Reported: 2010-06-11 09:31 UTC by Chris Pepper
Modified: 2010-06-11 11:46 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Chris Pepper 2010-06-11 09:31:33 UTC
One of our users accidentally commented out the path entry for a module on our backup server. As a result, the backup started overwriting system files and wrecked the backup server. I realize that path=/ is an excellent default for pulling backups from other machines, but would like to suggest that path must be explicitly set (for all modules or individual modules) in order to write to  rsyncd.
Comment 1 Wayne Davison 2010-06-11 11:46:07 UTC
This is already fixed in the 3.1.0dev code in git -- rsync refuses to use any module that doesn't have a path set.