Download your favorite Linux distribution at LQ ISO.
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 03-13-2008, 10:08 AM   #1
Registered: Oct 2006
Location: The Ether
Distribution: Lubuntu 14.04 LTS, Kali
Posts: 297

Rep: Reputation: 30
rsync over ssh and file permissions security problem ?

I had a directory, files , containing some files on computerA. The directory was owned by user/group root and the files within were also owned by the same. The directory and file permissions were rwxr-xr-x i.e 755.
I was logged in on computerB as a non-root user and wanted to transfer this whole directory over using rsync so I issued the following command :
computerB_$ rsync -ave ssh non-root@computerA:/files .
I used a non-privileged user name to log into computerA to download the files directory. The above command was successful.
The worrying this was that on computerA the files directory and all the files within were owned by root but I was able to transfer a root /user/group owned directory to computerB as a non-root user. Also once the directory had been transferred onto computerB it inherited the local users ownership permissions. What is there to stop any non-root user logging into computerA, so long as they have an account on that machine, and downloading sensitive system files and directories ?

Thanks !

Old 03-13-2008, 10:23 AM   #2
Senior Member
Registered: Sep 2005
Location: France
Distribution: LFS
Posts: 1,591

Rep: Reputation: 79
chmod o-rxw sensitive_file
chmod -R o-rxw sensitive_directory
Old 03-13-2008, 11:05 AM   #3
Registered: Feb 2008
Location: JHB South Africa
Distribution: Centos, Kubuntu, Cross LFS, OpenSolaris
Posts: 806

Rep: Reputation: 41
When you run rsync with -a which is archiving mode the file permissions are preserved.

If you do not want this you need to add --no-o

rsync -ave --no-o
Old 03-13-2008, 12:21 PM   #4
LQ Newbie
Registered: Oct 2007
Distribution: MEPIS
Posts: 15

Rep: Reputation: 0
Have you looked in the rsyncd.conf man pages? This may answer your security/access questions.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
rsync + ssh almost got it! But having a wierd problem :( neyoung Linux - Software 6 02-22-2007 03:54 AM
Windows Rsync Upload to Linux Rsync - permissions inspleak Linux - Software 0 10-12-2004 03:49 PM
SSH and RSYNC problem pixie Linux - General 2 03-02-2004 12:02 PM
problem with ssh-based, rsync reitsma Linux - Software 3 07-07-2003 05:20 PM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 04:45 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration