From: Wayne Davison <wayne@opencoder.net>
Date: Wed, 10 Aug 2022 23:25:37 +0000 (-0700)
Subject: Make a `--trust-sender` a bit clearer.
X-Git-Tag: v3.2.5~5
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=55ad8757ec32f9aa202305ea6e0d72bd55d66efd;p=thirdparty%2Frsync.git

Make a `--trust-sender` a bit clearer.
---

diff --git a/rsync.1.md b/rsync.1.md
index c19d0755..f29495f2 100644
--- a/rsync.1.md
+++ b/rsync.1.md
@@ -2414,17 +2414,19 @@ expand it.
 
 0.  `--trust-sender`
 
-    Disable the extra validation of the file list from a remote sender (this
-    safety feature was added in 3.2.5).  This should only be done if you trust
-    the sender to not try to do something malicious, which should be the case
-    if they're running a stock rsync.
+    This option disables two extra validation checks that a local client
+    performs on the file list generated by a remote sender.  This option should
+    only be used if you trust the sender to not put something malicious in the
+    file list (something that could possibly be done via a modified rsync, a
+    modified shell, or some other similar manipulation).
 
-    Normally when pulling files from a remote rsync, the client runs 2 extra
-    validation checks:
+    Normally, the rsync client (as of version 3.2.5) runs two extra validation
+    checks when pulling files from a remote rsync:
 
-    - Verify that additional arg items didn't get added at the top of the
+    - It verifies that additional arg items didn't get added at the top of the
       transfer.
-    - Verify that none of the items in the file list should have been excluded.
+    - It verifies that none of the items in the file list are names that should
+      have been excluded (if filter rules were specified).
 
     Note that various options can turn off one or both of these checks if the
     option interferes with the validation.  For instance:
@@ -2440,8 +2442,11 @@ expand it.
 
     This option may help an under-powered client server if the extra pattern
     matching is slowing things down on a huge transfer.  It can also be used to
-    work around a currently-unknown bug in the verification logic if you trust
-    the sender or make the transfer into a dedicated destination directory.
+    work around a currently-unknown bug in the verification logic for a transfer
+    from a trusted sender.
+
+    When using this option it is a good idea to specify a dedicated destination
+    directory, as discussed in the [MULTI-HOST SECURITY](#) section.
 
 0.  `--copy-as=USER[:GROUP]`