Expand description
Metadata preservation and the destination-containment safety checks.
Containment is the defence against the rsync symlink path-traversal CVE class (CVE-2024-12087/12088): before ripsync writes a file, creates a symlink, or deletes anything, the real parent directory of the target must resolve to a location inside the destination root. A pre-existing symlink in the destination that redirects a write outside the root is therefore refused rather than followed.
Structs§
- MinMeta
- Minimal metadata ripsync needs per entry: type, size, mtime, mode, and inode/device (for hardlink detection and the persistent index).
Enums§
- File
Type Kind - The kind of a stat-ed entry.
Functions§
- canonical_
root - Canonicalize
root, creating it first if it does not yet exist. - check_
relative - Reject a relative path that tries to escape its root via
..or an absolute component. Source-walk relative paths should never contain these; this is a belt-and-braces check before any join. - contained_
target - Verify that the real parent directory of
targetlies withinroot_canon, returning the concrete path to write/create. - copy_
xattrs - Copy selected extended attributes from
srctodst. - meta_
min - Fetch
MinMetaforpathwithout following a final symlink. - set_
mode - Apply
mode(Unix permission bits) topath. No-op on non-Unix platforms. - set_
mtime - Set the modification time of
path(symlinks are followed; useset_symlink_mtimefor the link itself). - set_
owner_ group - Set selected ownership fields. On non-Unix platforms this is a no-op.
- set_
symlink_ mtime - Set the modification time of the symlink at
pathwithout following it.