Fix for bug 14209 (security violation with --restrict)

git-svn-id: http://svn.savannah.nongnu.org/svn/rdiff-backup/trunk@625 2b77aa54-bcbc-44c9-a7ec-4f6cf2b41109
author: bescoto <bescoto@2b77aa54-bcbc-44c9-a7ec-4f6cf2b41109> 2005-08-20 06:06:07 +0000
committer: bescoto <bescoto@2b77aa54-bcbc-44c9-a7ec-4f6cf2b41109> 2005-08-20 06:06:07 +0000
commit: 420600f59943b8fd20a3cc6853b1d6e7a1bb2bb1 (patch)
tree: 720ebd447a5089be8449ef0470c6484912f1edfa /rdiff-backup/CHANGELOG
parent: 5be6706fff0ebbe54517ce39a9c8efe7fcf8d4b0 (diff)
download: rdiff-backup-420600f59943b8fd20a3cc6853b1d6e7a1bb2bb1.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/rdiff-backup/CHANGELOG b/rdiff-backup/CHANGELOG
index b721602..00e75af 100644
--- a/rdiff-backup/CHANGELOG
+++ b/rdiff-backup/CHANGELOG
@@ -15,6 +15,11 @@ Kevin Spicer).
 fsync_directories defaults to None, to avoid errors in testing
 (suggestion by Charles Duffy).
 
+bug#14209: Security bug with --restrict-read-only and
+--restrict-update-only allowed file statting and directory listing
+outside path.  Bug with --restrict option allowed writes outside path.
+(Reported by Charles Duffy.)
+
 
 New in v1.0.0 (2005/08/14)
 --------------------------
author	bescoto <bescoto@2b77aa54-bcbc-44c9-a7ec-4f6cf2b41109>	2005-08-20 06:06:07 +0000
committer	bescoto <bescoto@2b77aa54-bcbc-44c9-a7ec-4f6cf2b41109>	2005-08-20 06:06:07 +0000
commit	420600f59943b8fd20a3cc6853b1d6e7a1bb2bb1 (patch)
tree	720ebd447a5089be8449ef0470c6484912f1edfa /rdiff-backup/CHANGELOG
parent	5be6706fff0ebbe54517ce39a9c8efe7fcf8d4b0 (diff)
download	rdiff-backup-420600f59943b8fd20a3cc6853b1d6e7a1bb2bb1.tar.gz