Skip to main content

Module meta

Module meta 

Source
Expand description

Metadata preservation and the destination-containment safety checks.

Containment is the defence against the rsync symlink path-traversal CVE class (CVE-2024-12087/12088): before ripsync writes a file, creates a symlink, or deletes anything, the real parent directory of the target must resolve to a location inside the destination root. A pre-existing symlink in the destination that redirects a write outside the root is therefore refused rather than followed.

Structs§

MinMeta
Minimal metadata ripsync needs per entry: type, size, mtime, mode, and inode/device (for hardlink detection and the persistent index).

Enums§

FileTypeKind
The kind of a stat-ed entry.

Functions§

canonical_root
Canonicalize root, creating it first if it does not yet exist.
check_relative
Reject a relative path that tries to escape its root via .. or an absolute component. Source-walk relative paths should never contain these; this is a belt-and-braces check before any join.
contained_target
Verify that the real parent directory of target lies within root_canon, returning the concrete path to write/create.
copy_xattrs
Copy selected extended attributes from src to dst.
meta_min
Fetch MinMeta for path without following a final symlink.
set_mode
Apply mode (Unix permission bits) to path. No-op on non-Unix platforms.
set_mtime
Set the modification time of path (symlinks are followed; use set_symlink_mtime for the link itself).
set_owner_group
Set selected ownership fields. On non-Unix platforms this is a no-op.
set_symlink_mtime
Set the modification time of the symlink at path without following it.