Re: [rdiff-backup-users] SECURITY: Not all file ops accessed via vetted

rdiff-backup-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [rdiff-backup-users] SECURITY: Not all file ops accessed via vetted

From:	Charles Duffy
Subject:	Re: [rdiff-backup-users] SECURITY: Not all file ops accessed via vetted RPath objects? Also a path prefixing patch
Date:	Sat, 20 Aug 2005 07:54:49 -0500
User-agent:	Mozilla Thunderbird 1.0.2 (Windows/20050317)

Ben Escoto wrote:

Well I was just suggesting using usernames..  Like instead of having
the server run

   rdiff-backup --restrict XXXX --force-path-prefix XXXX --server

you could have it run

   cd XXXX; sudo -u YYYYY rdiff-backup --restrict . --server

to avoid patching rdiff-backup and for an additional layer of

security.

Hmm -- that might actually be useful. So I take it the client can userelative paths (ie. "server::backup" instead of "server::/backup", or atworst "server::./backup" and it'll be evaluated relative to the cwd)?

Separate per-client user accounts is impractical for my purposes forreasons I've already discussed -- but using relative paths could indeedmake my patch unnecessary. Thanks for the suggestion!

[Prev in Thread]

Current Thread

[Next in Thread]

[rdiff-backup-users] Update to that path prefixing patch, (continued)
- [rdiff-backup-users] Update to that path prefixing patch, Charles Duffy, 2005/08/16
- Re: [rdiff-backup-users] SECURITY: Not all file ops accessed via vetted RPath objects? Also a path prefixing patch, Ben Escoto, 2005/08/17
  - Re: [rdiff-backup-users] SECURITY: Not all file ops accessed via vetted RPath objects? Also a path prefixing patch, Charles Duffy, 2005/08/17
    - Re: [rdiff-backup-users] SECURITY: Not all file ops accessed via vetted RPath objects? Also a path prefixing patch, Ben Escoto, 2005/08/17
    - Re: [rdiff-backup-users] SECURITY: Not all file ops accessed via vetted RPath objects? Also a path prefixing patch, Charles Duffy, 2005/08/17
    - Re: [rdiff-backup-users] SECURITY: Not all file ops accessed via vetted RPath objects? Also a path prefixing patch, Keith Edmunds, 2005/08/17
    - Re: [rdiff-backup-users] SECURITY: Not all file ops accessed via vetted RPath objects? Also a path prefixing patch, Charles Duffy, 2005/08/17
    - Re: [rdiff-backup-users] SECURITY: Not all file ops accessed via vetted RPath objects? Also a path prefixing patch, Ben Escoto, 2005/08/18
    - Re: [rdiff-backup-users] SECURITY: Not all file ops accessed via vetted RPath objects? Also a path prefixing patch, Charles Duffy, 2005/08/18
    - Re: [rdiff-backup-users] SECURITY: Not all file ops accessed via vetted RPath objects? Also a path prefixing patch, Ben Escoto, 2005/08/20
    - Re: [rdiff-backup-users] SECURITY: Not all file ops accessed via vetted RPath objects? Also a path prefixing patch, Charles Duffy <=
    - Re: [rdiff-backup-users] SECURITY: Not all file ops accessed via vetted RPath objects? Also a path prefixing patch, dean gaudet, 2005/08/17
    - Re: [rdiff-backup-users] SECURITY: Not all file ops accessed via vetted RPath objects? Also a path prefixing patch, Charles Duffy, 2005/08/17

Prev by Date: [rdiff-backup-users] A BIG Thanks!
Next by Date: Re: [rdiff-backup-users] Backing up multiple directories
Previous by thread: Re: [rdiff-backup-users] SECURITY: Not all file ops accessed via vetted RPath objects? Also a path prefixing patch
Next by thread: Re: [rdiff-backup-users] SECURITY: Not all file ops accessed via vetted RPath objects? Also a path prefixing patch
Index(es):
- Date
- Thread