Re: [rdiff-backup-users] SECURITY: Not all file ops accessed via vetted
From: Ben Escoto
Subject: Re: [rdiff-backup-users] SECURITY: Not all file ops accessed via vetted RPath objects? Also a path prefixing patch
Date: Sat, 20 Aug 2005 01:19:00 -0500
>>>>> Charles Duffy <address@hidden>
>>>>> wrote the following on Thu, 18 Aug 2005 06:39:44 -0500
>
> Yes, I have one (netcat on the client, tcpsvd on the server). That's
> fine, it works -- but it rules out the (SSH-based) multi-server
> authentication mechanisms which have been thus far suggested (and which
> I don't have a need for anyhow, on account of the VPN).
Well I was just suggesting using usernames.. Like instead of having
the server run

    rdiff-backup --restrict XXXX --force-path-prefix XXXX --server

you could have it run

    cd XXXX; sudo -u YYYYY rdiff-backup --restrict . --server

to avoid patching rdiff-backup and for an additional layer of
security. Anyway it's up to you, I'm mainly posting to say I think
the security bug is fixed in CVS. Thank you for the report.
--
Ben Escoto