From 2f7c583143bc6e80902139c23d9d7283f88fbc6a Mon Sep 17 00:00:00 2001 From: Wayne Davison Date: Mon, 1 Aug 2022 18:21:28 -0700 Subject: [PATCH] A few more minor tweaks. --- exclude.c | 7 +++---- rsync.1.md | 13 ++++++------- 2 files changed, 9 insertions(+), 11 deletions(-) diff --git a/exclude.c b/exclude.c index 0100efc7..cd77c543 100644 --- a/exclude.c +++ b/exclude.c @@ -395,11 +395,10 @@ void add_implied_include(const char *arg) if (recurse || xfer_dirs) { /* Now create a rule with an added "/" & "**" or "*" at the end */ rule = new0(filter_rule); + rule->rflags = FILTRULE_INCLUDE | FILTRULE_WILD; if (recurse) - rule->rflags = FILTRULE_INCLUDE | FILTRULE_WILD | FILTRULE_WILD2; - else - rule->rflags = FILTRULE_INCLUDE | FILTRULE_WILD; - /* A +4 in the len leaves enough room for / * * \0 or / * \0 \0 */ + rule->rflags |= FILTRULE_WILD2; + /* We must leave enough room for / * * \0. */ if (!saw_wild && backslash_cnt) { /* We are appending a wildcard, so now the backslashes need to be escaped. */ p = rule->pattern = new_array(char, arg_len + backslash_cnt + 3 + 1); diff --git a/rsync.1.md b/rsync.1.md index 576dd90b..0c27df4c 100644 --- a/rsync.1.md +++ b/rsync.1.md @@ -180,17 +180,16 @@ an absolute or relative path that tries to escape out of the top of the transfer. Also, beginning with version 3.2.5, rsync does two more safety checks of the file list to (1) ensure that no extra source arguments were added into the transfer other than those that the client requested and (2) ensure -that the file list obeys the exclude rules that we sent to the sender. +that the file list obeys the exclude rules that were sent to the sender. -For those that don't yet have a 3.2.5 client rsync, it is safest to do a copy -into a dedicated destination directory for the remote files rather than -requesting the remote content get mixed in with other local content. For -example, doing an rsync copy into your home directory is potentially unsafe on -an older rsync if the remote rsync is being controlled by a bad actor: +For those that don't yet have a 3.2.5 client rsync (or those that want to be +extra careful), it is safest to do a copy into a dedicated destination +directory for the remote files when you don't trust the remote host. For +example, instead of doing an rsync copy into your home directory: > rsync -aiv host1:dir1 ~ -A safer command would be: +Dedicate a "host1-files" dir to the remote content: > rsync -aiv host1:dir1 ~/host1-files -- 2.47.2