read dir list with write only option

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

read dir list with write only option

Samba - rsync mailing list
Hello all,

when the "write only = yes" option is used on rsync server, the client
can't download any file from the server.

My question is, if in that case the rsync protocol will allow the client
to read the server directory content or not. The question is not about
if standard rsync client will allow to do that - I verified that using
"--list-only" client option fails in this case, but if the rsync
protocol internally allows to do that or not - that is if e.g. if some
hacked client would be able to get the list of remote dir.

Thanks in advance for your reply,

Pavel





--
Please use reply-all for most replies to avoid omitting the mailing list.
To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync
Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
Reply | Threaded
Open this post in threaded view
|

Re: read dir list with write only option

Samba - rsync mailing list
--list-only (or no target specified) are the only listings without
transferring that rsync supports.  The restriction would not apply to
the list of modules (IIRC there is another option for that).

On 09/06/2017 04:00 AM, Pavel Kasparek via rsync wrote:

> Hello all,
>
> when the "write only = yes" option is used on rsync server, the client
> can't download any file from the server.
>
> My question is, if in that case the rsync protocol will allow the client
> to read the server directory content or not. The question is not about
> if standard rsync client will allow to do that - I verified that using
> "--list-only" client option fails in this case, but if the rsync
> protocol internally allows to do that or not - that is if e.g. if some
> hacked client would be able to get the list of remote dir.
>
> Thanks in advance for your reply,
>
> Pavel
>
>
>
>
>
--
~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,
        Kevin Korb Phone:    (407) 252-6853
        Systems Administrator Internet:
        FutureQuest, Inc. [hidden email]  (work)
        Orlando, Florida [hidden email] (personal)
        Web page: http://www.sanitarium.net/
        PGP public key available on web site.
~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,


--
Please use reply-all for most replies to avoid omitting the mailing list.
To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync
Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html

signature.asc (231 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: read dir list with write only option

Samba - rsync mailing list
In reply to this post by Samba - rsync mailing list
On Wed, Sep 6, 2017 at 1:00 AM, Pavel Kasparek via rsync <[hidden email]> wrote:
when the "write only = yes" option is used on rsync server, [... would a] hacked client [...] be able to get the list of remote dir [?]

It wouldn't work. The listing action is a special kind of read operation, and all read operations are denied by the server when "write only" is used. I'd also suggest that you specify "refuse options = delete" for a write-only module.

..wayne..
 

--
Please use reply-all for most replies to avoid omitting the mailing list.
To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync
Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
Reply | Threaded
Open this post in threaded view
|

Re: read dir list with write only option

Samba - rsync mailing list
On 10/08/2017 06:19 PM, Wayne Davison wrote:

> On Wed, Sep 6, 2017 at 1:00 AM, Pavel Kasparek via rsync
> <[hidden email] <mailto:[hidden email]>> wrote:
>
>     when the "write only = yes" option is used on rsync server, [...
>     would a] hacked client [...] be able to get the list of remote dir [?]
>
>
> It wouldn't work. The listing action is a special kind of read
> operation, and all read operations are denied by the server when
> "write only" is used. I'd also suggest that you specify "refuse
> options = delete" for a write-only module.
>
> ..wayne..
>  

Perfect, thank you all for your replies.

Pavel




--
Please use reply-all for most replies to avoid omitting the mailing list.
To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync
Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html