Re: rssh security update breaks rsync via Synology's "hyper backup"

To: Russ Allbery <rra@debian.org>, Antoine Beaupré <anarcat@orangeseeds.org>
Cc: Chris Lamb <lamby@debian.org>, Holger Levsen <holger@layer-acht.org>, debian-lts@lists.debian.org, debian-security@lists.debian.org
Subject: Re: rssh security update breaks rsync via Synology's "hyper backup"
From: Roman Medina-Heigl Hernandez <roman@rs-labs.com>
Date: Mon, 18 Feb 2019 19:37:50 +0100
Message-id: <[🔎] 4a4ba799-96cb-969b-6444-0316c8d6221f@rs-labs.com>
In-reply-to: <[🔎] 87va1h6m7q.fsf@hope.eyrie.org>
References: <[🔎] 75a71a7b-4022-0f43-5963-964a36a3ae53@rs-labs.com> <[🔎] 20190214173443.cupioumebaklmlab@layer-acht.org> <[🔎] 1550166453.328076.1658087792.7E953D37@webmail.messagingengine.com> <[🔎] ad2e1037-dbe9-4180-9dfd-d458faaac610@rs-labs.com> <[🔎] 875ztmi6on.fsf@hope.eyrie.org> <[🔎] 871s4aql1m.fsf@curie.anarc.at> <[🔎] 87va1h6m7q.fsf@hope.eyrie.org>

El 18/02/2019 a las 18:27, Russ Allbery escribió:
> While I agree that using undocumented features of rsync is a little
> dubious, I'm also willing to include a fix to allow the specific command
> line "rsync --server --daemon <path>" since (a) it seems to be safe, (b)
> looks easy enough to do, and (c) my only goal with rssh at this point is
> to keep it working through the stable support period, so I'm not too
> worried about the long-term maintenance burden of one-off hacks like that.
>
> I should be able to do this later today.
>
> Does this plan sound good to everyone?  I'll follow up with the proposed
> diffs for stable and oldstable.

If you want, shoot me with a .deb I could install in oldstable in order
to test the "rsync --server --daemon" fix.

Cheers,

-Román

Reply to:

Follow-Ups:
- Re: rssh security update breaks rsync via Synology's "hyper backup"
  - From: Russ Allbery <rra@debian.org>

References:
- rssh security update breaks rsync via Synology's "hyper backup"
  - From: Roman Medina-Heigl Hernandez <roman@rs-labs.com>
- Re: rssh security update breaks rsync via Synology's "hyper backup"
  - From: Holger Levsen <holger@layer-acht.org>
- Re: rssh security update breaks rsync via Synology's "hyper backup"
  - From: Chris Lamb <lamby@debian.org>
- Re: rssh security update breaks rsync via Synology's "hyper backup"
  - From: Roman Medina-Heigl Hernandez <roman@rs-labs.com>
- Re: rssh security update breaks rsync via Synology's "hyper backup"
  - From: Russ Allbery <rra@debian.org>
- Re: rssh security update breaks rsync via Synology's "hyper backup"
  - From: Antoine Beaupré <anarcat@orangeseeds.org>
- Re: rssh security update breaks rsync via Synology's "hyper backup"
  - From: Russ Allbery <rra@debian.org>

Prev by Date: Re: rssh security update breaks rsync via Synology's "hyper backup"
Next by Date: Re: rssh security update breaks rsync via Synology's "hyper backup"
Previous by thread: Re: rssh security update breaks rsync via Synology's "hyper backup"
Next by thread: Re: rssh security update breaks rsync via Synology's "hyper backup"
Index(es):
- Date
- Thread