[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [rdiff-backup-users] Security violations with --server --restrict-re
From: |
Ben Escoto |
Subject: |
Re: [rdiff-backup-users] Security violations with --server --restrict-read-only |
Date: |
Wed, 27 Aug 2003 13:42:44 -0700 |
>>>>> "RN" == Randall Nortman <address@hidden>
>>>>> wrote the following on Mon, 25 Aug 2003 19:27:06 -0500
RN> Being the impatient sort that I am, I have done yet more
RN> investigation on this problem. I installed 0.13.1 on both client
RN> and server and reproduced the problem in the same way as with
RN> 0.12.3, except that now the security violation is on the call to
RN> os.getcwd on line 510 of Main.py. Again, to reproduce this, just
RN> execute something like this:
RN> rdiff-backup --remote-schema 'ssh -C %s --server
RN> --restrict-read-only /some/path' hostname::/some/path
RN> /destination/path
RN> Anybody have any suggestions? Is anybody even hearing me?
Yes, I can reproduce your error. Two patches for 0.12.3 that should
fix this are at:
http://savannah.nongnu.org/cgi-bin/viewcvs/rdiff-backup/rdiff-backup/rdiff_backup/Security.py.diff?r1=1.12&r2=1.12.2.1
http://savannah.nongnu.org/cgi-bin/viewcvs/rdiff-backup/rdiff-backup/rdiff_backup/Main.py.diff?r1=1.38.2.3&r2=1.38.2.4
There have been more changes to 0.13.1, and I'm not sure the patches
would apply. But unless you want to help test you want to use 0.12.x
anyway.
--
Ben Escoto
pgpqbQsE7horF.pgp
Description: PGP signature