https://bugzilla.samba.org/show_bug.cgi?id=13827
Bug ID: 13827
Summary: despite --copy-unsafe-links, rsync does not copy the referent of symlinks that point one level outside the copied tree
Product: rsync
Version: 3.1.3
Hardware: All
OS: All
Status: NEW
Severity: major
Priority: P5
Component: core
Assignee: wa...@opencoder.net
Reporter: j...@bredereke-net.de
QA Contact: rsync...@samba.org

Created attachment 14913
  --> https://bugzilla.samba.org/attachment.cgi?id=14913&action=edit
short shell script demonstrating the bug

Despite --copy-unsafe-links, rsync does not copy the referent of symlinks that point one level outside the copied tree.

The short shell script attached demonstrates the problem. It also demonstrates two other cases where the checks work as intended. The problem appears to be an off-by-one error in a check.

Accessing things outside the copied tree through a symlink is probably a security problem. However, the restriction to only one directory level too far makes it more difficult to exploit.

1) Tested on Lubuntu 18.04.1 LTS

2) rsync version 3.1.2, protocol version 31
   (The most current version of rsync is 3.1.3. But its release notes do not mention this bug to be fixed.)
   The change & release notes of Lubuntu 18.04.1 do not mention rsync. The bug tracker Ubuntu Launchpad does not mention this bug.

3) I expected any symlink pointing outside the copied tree to be converted into a copy, when I use --copy-unsafe-links.

4) A symlink pointing just one level outside the copied tree is not converted. This is always reproducible, see the demo script attached.

I submitted this bug to Ubuntu Launchpad first. But they told me to submit it here. (Since I declared it a security relevant bug, it became non-public by default.)
https://bugs.launchpad.net/ubuntu/+source/rsync/+bug/1816586
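Added example (not the reporter's attached script and not rsync's code): a lexical audit that lists every symlink in a tree whose target leaves a chosen tree root, including the one-level-outside case this report describes, so a tree can be checked before it is copied. The function names, the constructed sample tree and the lexical rule itself are assumptions of this example; POSIX paths are assumed.

```python
import os
import tempfile

def escapes_tree(link_rel, target):
    """True if a symlink at link_rel (relative to the tree root) with the
    given target text points outside the root. Purely lexical (assumption)."""
    if os.path.isabs(target):
        return True
    # Depth of the directory holding the link; 0 means the root itself.
    depth = len([p for p in os.path.dirname(link_rel).split("/") if p not in ("", ".")])
    for part in target.split("/"):
        if part in ("", "."):
            continue
        if part == "..":
            depth -= 1
            if depth < 0:          # stepped above the root, even by one level
                return True
        else:
            depth += 1
    return False

def find_escaping_links(root):
    """Walk root without following symlinks; return sorted (link, target) pairs."""
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            full = os.path.join(dirpath, name)
            if os.path.islink(full):
                target = os.readlink(full)
                rel = os.path.relpath(full, root)
                if escapes_tree(rel, target):
                    hits.append((rel, target))
    return sorted(hits)

def demo():
    """Build a constructed sample tree and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "tree")
        os.makedirs(os.path.join(root, "sub"))
        open(os.path.join(tmp, "outside.txt"), "w").close()
        os.symlink("../outside.txt", os.path.join(root, "one_up"))            # one level outside
        os.symlink("../../outside.txt", os.path.join(root, "sub", "two_up"))  # also one level outside
        os.symlink("../sub", os.path.join(root, "sub", "inside"))             # stays inside
        os.symlink("/etc/hostname", os.path.join(root, "abs"))                # absolute target
        return find_escaping_links(root)

if __name__ == "__main__":
    for link, target in demo():
        print(f"{link} -> {target}")
```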