You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
daemon acls
About this tag
The daemon acls tag covers discussions about access control list (ACL) bypass vulnerabilities in daemon services, specifically focusing on CVE-2026-43617 in rsync. This vulnerability affects rsync daemon hostname-based access controls when chroot is enabled, allowing authorization bypass through DNS reverse lookup manipulation. The content highlights that name-based security policies in daemon configurations can be unreliable when they depend on DNS resolution. Administrators are advised to review their rsync daemon ACL configurations and consider more robust authentication methods beyond hostname-based rules.
On May 20, 2026, CVE-2026-43617 was published for rsync 3.4.2 and earlier, describing a medium-severity authorization bypass in rsync daemon hostname-based access controls when the service is configured with chroot. The bug is not the kind of remote-code-execution siren that sends every SOC...