mirror/rsync
1
0
Fork 0
mirror of https://github.com/RsyncProject/rsync.git synced 2026-05-19 04:15:56 -04:00
Code Issues Packages Projects Releases Wiki Activity

Make a --trust-sender a bit clearer.

Browse Source
This commit is contained in:
Wayne Davison
2022-08-10 16:25:37 -07:00
parent 3e4b01173a
commit 55ad8757ec
1 changed files with 15 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
rsync.1.md
View File

@@ -2414,17 +2414,19 @@ expand it.
0. `--trust-sender`
Disable the extra validation of the file list from a remote sender (this
safety feature was added in 3.2.5). This should only be done if you trust
the sender to not try to do something malicious, which should be the case
if they're running a stock rsync.
This option disables two extra validation checks that a local client
performs on the file list generated by a remote sender. This option should
only be used if you trust the sender to not put something malicious in the
file list (something that could possibly be done via a modified rsync, a
modified shell, or some other similar manipulation).
Normally when pulling files from a remote rsync, the client runs 2 extra
validation checks:
Normally, the rsync client (as of version 3.2.5) runs two extra validation
checks when pulling files from a remote rsync:
- Verify that additional arg items didn't get added at the top of the
- It verifies that additional arg items didn't get added at the top of the
transfer.
- Verify that none of the items in the file list should have been excluded.
- It verifies that none of the items in the file list are names that should
have been excluded (if filter rules were specified).
Note that various options can turn off one or both of these checks if the
option interferes with the validation. For instance:
@@ -2440,8 +2442,11 @@ expand it.
This option may help an under-powered client server if the extra pattern
matching is slowing things down on a huge transfer. It can also be used to
work around a currently-unknown bug in the verification logic if you trust
the sender or make the transfer into a dedicated destination directory.
work around a currently-unknown bug in the verification logic for a transfer
from a trusted sender.
When using this option it is a good idea to specify a dedicated destination
directory, as discussed in the [MULTI-HOST SECURITY](#) section.
0. `--copy-as=USER[:GROUP]`