SECURITY: Paths sent to an rsync daemon are more thoroughly sanitized when chroot is not used. If you're running a non-read-only rsync daemon with chroot disabled, *please upgrade*, especially if the user privs you run rsync under is anything above "nobody".