get  the  default  escaping  behavior.  The environment is always
              overridden by manually specified  positive  or  negative  options
              (the negative is --no‐old‐args).

              Note  that this option also disables the extra safety check added
              in 3.2.5 that ensures that a remote sender isn’t including  extra
              top‐level  items  in the file‐list that you didn’t request.  This
              side‐effect is necessary because we  can’t  know  for  sure  what
              names to expect when the remote shell is interpreting the args.

              This option conflicts with the --secluded‐args option.

       --secluded‐args, -s
              This  option  sends  all filenames and most options to the remote
              rsync via the protocol (not the remote shell command line)  which
              avoids  letting  the remote shell modify them.  Wildcards are ex‐
              panded on the remote host by rsync instead of a shell.

              This is similar to the default backslash‐escaping  of  args  that
              was  added  in  3.2.4 (see --old‐args) in that it prevents things
              like space splitting and unwanted special‐character side‐effects.
              However, it has the drawbacks of being  incompatible  with  older
              rsync  versions  (prior  to  3.0.0)  and  of being refused by re‐
              stricted shells that want to be able to inspect  all  the  option
              values for safety.

              This  option  is  useful  for those times that you need the argu‐
              ment’s character set to be converted for the remote host, if  the
              remote  shell is incompatible with the default backslash‐escpaing
              method, or there is some other reason that you want the  majority
              of  the  options  and arguments to bypass the command‐line of the
              remote shell.

              If you combine this option with --iconv, the args related to  the
              remote side will be translated from the local to the remote char‐
              acter‐set.   The  translation  happens  before wild‐cards are ex‐
              panded.  See also the --files‐from option.

              You may also control this setting via the RSYNC_PROTECT_ARGS  en‐
              vironment  variable.   If  it  has a non‐zero value, this setting
              will be enabled by default, otherwise it will be disabled by  de‐
              fault.   Either state is overridden by a manually specified posi‐
              tive or negative version of this option  (note  that  --no‐s  and
              --no‐secluded‐args  are the negative versions).  This environment
              variable is also superseded by a non‐zero RSYNC_OLD_ARGS export.

              This option conflicts with the --old‐args option.

              This option used to be called --protect‐args (before  3.2.6)  and
              that  older name can still be used (though specifying it as -s is
              always the easiest and most compatible choice).

       --trust‐sender
              This option disables two extra validation  checks  that  a  local
              client  performs  on  the file list generated by a remote sender.
              This option should only be used if you trust the  sender  to  not
              put  something  malicious  in the file list (something that could
              possibly be done via a modified rsync, a modified shell, or  some
              other similar manipulation).

              Normally,  the  rsync client (as of version 3.2.5) runs two extra
              validation checks when pulling files from a remote rsync:

              o      It verifies that additional arg items didn’t get added  at
                     the top of the transfer.

              o      It  verifies  that  none of the items in the file list are
                     names that should have been excluded (if filter rules were