0. `--trust-sender`
- Disable the extra validation of the file list from a remote sender (this
- safety feature was added in 3.2.5). This should only be done if you trust
- the sender to not try to do something malicious, which should be the case
- if they're running a stock rsync.
+ This option disables two extra validation checks that a local client
+ performs on the file list generated by a remote sender. This option should
+ only be used if you trust the sender to not put something malicious in the
+ file list (something that could possibly be done via a modified rsync, a
+ modified shell, or some other similar manipulation).
- Normally when pulling files from a remote rsync, the client runs 2 extra
- validation checks:
+ Normally, the rsync client (as of version 3.2.5) runs two extra validation
+ checks when pulling files from a remote rsync:
- - Verify that additional arg items didn't get added at the top of the
+ - It verifies that additional arg items didn't get added at the top of the
transfer.
- - Verify that none of the items in the file list should have been excluded.
+ - It verifies that none of the items in the file list are names that should
+ have been excluded (if filter rules were specified).
Note that various options can turn off one or both of these checks if the
option interferes with the validation. For instance:
This option may help an under-powered client server if the extra pattern
matching is slowing things down on a huge transfer. It can also be used to
- work around a currently-unknown bug in the verification logic if you trust
- the sender or make the transfer into a dedicated destination directory.
+ work around a currently-unknown bug in the verification logic for a transfer
+ from a trusted sender.
+
+ When using this option it is a good idea to specify a dedicated destination
+ directory, as discussed in the [MULTI-HOST SECURITY](#) section.
0. `--copy-as=USER[:GROUP]`
git.samba.org / rsync.git / commitdiff