rdiff-backup-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [rdiff-backup-users] SECURITY: Not all file ops accessed via vetted

From: Charles Duffy
Subject: Re: [rdiff-backup-users] SECURITY: Not all file ops accessed via vetted RPath objects? Also a path prefixing patch
Date: Wed, 17 Aug 2005 02:06:34 -0500 
On Wed, 2005-08-17 at 08:03 +0100, Keith Edmunds wrote:
> Charles Duffy wrote:
> > Hmm. See, my concern is protecting inappropriate files on host from
> > being accessed. Perhaps I'll want to use a different security layer in
> > addition to application-based measures.
> 
> Charles, I know that you are against each server having its own username 
> on the backup server, but that is _exactly_ what having individual 
> server accounts will give you. That's how I implement backups, albeit 
> for fewer servers than you have, and it works very well. You could spend 
> a lot of time trying to find the ideal solution...

Keith,

Your concern is appreciated, but I *have* a solution that seems to work
well for me, without the overhead of (potentially) thousands of accounts
and with the additional benefit of eliminating SSH overhead (which is
redundant w/ the VPN I run). The only issue I have is that it requires
that the server have a patched copy of rdiff-backup. I consider this a
reasonable requirement -- but would like to see my patch vetted and
pushed upstream rather than remaining a local modification only.

With regard to additional, lower-level measures, an LD_PRELOAD that vets
file accesses to make sure they're happening within approved paths is
still less administrative overhead than would be involved in having
remote-server:local-account parity.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]