[PLUG] Re: sftp and scp - preserving UID/GID (2)

Fedor Pikus fpikus at gmail.com
Tue Dec 21 16:58:08 UTC 2004


On 21 Dec 2004 01:02:14 -0800, Russell Senior <seniorr at aracnet.com> wrote:
> >>>>> "Fedor" == Fedor Pikus <fpikus at gmail.com> writes:
> 
> Fedor> I suspect that there may be security ramifications as well with
> Fedor> root blindly creating files owned by another user.
> 
> Hey, if I have a root login on the box, piddly restrictions on what
> scp can do aren't going to save you (are they??).
No, the issue is not protecting the box from the root. It's protecting
the root from inadvertently compromizing his own system.

> Fedor> Anyway, the best way to copy everything exactly as-is is to
> Fedor> pipe tar through ssh, this also copies links accurately.
> 
> Is tar better in an observable way than rsync in this regard, and
> if so, how?
tar is also observable. rsync with -e ssh is about the same as tar
over ssh, although if you need to give ssh some options you have to
explicitly call it.

> 
> --
> Russell Senior         ``I have nine fingers; you have ten.''
> seniorr at aracnet.com
> _______________________________________________
> PLUG mailing list
> PLUG at lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
> 


-- 
Fedor G Pikus (fpikus at gmail.com)
http://www.pikus.net
http://wild-light.com



More information about the PLUG mailing list