oss-sec mailing list archives
Re: CVE-2017-8805: Unsafe symlinks not filtered in Debian mirror script ftpsync
From: Seth Arnold <seth.arnold () canonical com>
Date: Thu, 19 Oct 2017 12:44:28 -0700
On Wed, Oct 18, 2017 at 04:55:07PM -0400, Robert Watson wrote:
Removing the ability for rsync to copy symlinks pointing to targets outside the mirror tree would greatly cripple it. I need to understand how the danger is worth the loss of this functionality.
Note that the fix isn't modifying rsync, the fix is modifying the ftpsync script that calls rsync: + RSYNC_OPTIONS=${RSYNC_OPTIONS:-"-prltvHSB8192 --safe-links --timeout 3600 --stats --no-human-readable"} https://anonscm.debian.org/cgit/mirror/archvsync.git/commit/?id=d1ca2ab2210990b6dfb664cd6776a41b71c48016 Of course for people who run this mirroring tool as a specific user account and set file permissions appropriately this is more or less a no-op. But this is a useful hardening for people who run the ftpsync command as a user with too many privileges. (I wouldn't have bothered filing for a CVE for this change; I see it as a simple hardening change.) This option shouldn't cripple ftpsync as a well-run repository is highly unlikely to have symlinks pointing out of the tree. A repository with symlinks pointing out of the tree is already not a suitable rsync source. Thanks
Attachment:
signature.asc
Description:
Current thread:
- CVE-2017-8805: Unsafe symlinks not filtered in Debian mirror script ftpsync Bastian Blank (Oct 17)
- Re: CVE-2017-8805: Unsafe symlinks not filtered in Debian mirror script ftpsync Robert Watson (Oct 18)
- Re: CVE-2017-8805: Unsafe symlinks not filtered in Debian mirror script ftpsync Ben Tasker (Oct 18)
- Re: CVE-2017-8805: Unsafe symlinks not filtered in Debian mirror script ftpsync Robert Watson (Oct 19)
- Re: CVE-2017-8805: Unsafe symlinks not filtered in Debian mirror script ftpsync Seth Arnold (Oct 19)
- Re: CVE-2017-8805: Unsafe symlinks not filtered in Debian mirror script ftpsync Robert Watson (Oct 20)
- Re: CVE-2017-8805: Unsafe symlinks not filtered in Debian mirror script ftpsync Ben Tasker (Oct 20)
- Re: CVE-2017-8805: Unsafe symlinks not filtered in Debian mirror script ftpsync Robert Watson (Oct 21)
- Re: CVE-2017-8805: Unsafe symlinks not filtered in Debian mirror script ftpsync Solar Designer (Oct 21)
- Re: CVE-2017-8805: Unsafe symlinks not filtered in Debian mirror script ftpsync Robert Watson (Oct 21)
- Re: CVE-2017-8805: Unsafe symlinks not filtered in Debian mirror script ftpsync Simon McVittie (Oct 21)
- Re: CVE-2017-8805: Unsafe symlinks not filtered in Debian mirror script ftpsync Ben Tasker (Oct 18)
- Re: CVE-2017-8805: Unsafe symlinks not filtered in Debian mirror script ftpsync Robert Watson (Oct 18)
- Re: CVE-2017-8805: Unsafe symlinks not filtered in Debian mirror script ftpsync Seth Arnold (Oct 20)
- Re: CVE-2017-8805: Unsafe symlinks not filtered in Debian mirror script ftpsync Bastian Blank (Oct 21)