[CentOS-mirror] New Mirror

Tue Jul 29 17:04:02 UTC 2008
Olivier Thauvin <nanardon at nanardon.zarb.org>

Le mardi 29 juillet 2008, Mike Zanker a écrit :
> On 29/07/08 15:58, mirror-maintainer at mirror.averse.net wrote:
> > Your rsync user - don't run rsync as root!  And don't run it as your
> > web/ftp service account either.
>
> I can understand not running rsync in daemon mode as root but what is
> the problem with running the rsync client as root?

There is many reasons:

1) do you use your computer for regular action as root ?
2) rsync can have bug, and it is dedicated to massively create or removing 
files, isn't safer to run it as normal user just in case ?
3) on the remote tree, the sys admin can create setuid executable, devices 
files etc... with permissions of it own choice. All those files will be 
nicelly synch to your server with their permission. Running it as regular 
user will deny creation of device files, and in worst case give to a runnable 
as this user setuid executable, but in all case, not setuid over root.
4) rsync run as root can keep UID/GID as is, w/o checking who are the user 
with these UID/GID on your own system, which can give permission to someone 
untrusted on your side to modify/delete the mirror.

Finally:
5) spliting action through several _normal_ user can limit breakage in case 
security hole in one of all those services.

Best regards.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.centos.org/pipermail/centos-mirror/attachments/20080729/42508276/attachment-0004.sig>