On Tue, 29 Jul 2008, Olivier Thauvin wrote:
Your rsync user - don't run rsync as root! And don't run it as your web/ftp service account either.
I can understand not running rsync in daemon mode as root but what is the problem with running the rsync client as root?
There is many reasons:
[snip]
Thanks Olivier. Although this question wasn't asked, I'd add a reason not to run as the web/ftp service account, which is to ensure that the web/ftp service is unable to access the content if it isn't world readable; eg when content is made available to mirrors before public announcements, and a permission bitflip is used to make the content available on the release date.
Ironically, I do run rsync --daemon as root for a few reasons: - use chroot=true - listen on port 873 - specify per-module uid, gid
Admittedly, I could manually chroot the daemon to the entire mirror tree before running it as a regular user, and I could do some port forwarding or iptables stuff and run rsyncd on a high port, and use a common nobody-like account for all modules...
What do you guys do?