BackupPC-users

Re: [BackupPC-users] DumpPreUserCmd status returns

2009-12-01 10:49:38
Subject: Re: [BackupPC-users] DumpPreUserCmd status returns
From: Craig Barratt <cbarratt AT users.sourceforge DOT net>
To: "Jeffrey J. Kosowsky" <backuppc AT kosowsky DOT org>
Date: Tue, 1 Dec 2009 07:47:13 -0800

Jeff writes:

> The only challenge is that commands like DumpPreUserCmd are executed
> directly without a shell which means I have to either wrap it in a
> script or in some "bash -c" ugliness.

Yes.

> Which brings to mind a suggestion...
> Why not execute these commands in a shell.
> They are not run that frequently (once per day per host) so the
> overhead of launching a shell would be low while the benefit would be
> high in terms of flexibility.

It's not the overhead - the goal is to avoid potential security
issues with shells (which come from all the flexibility they offer).
While a shell can certainly be used securely (including careful
argument checking, using absolute paths for executables, using -b
etc), one of several risks is having someone sneak in arguments
that include metacharacters (e.g. "; /bin/rm -rf /").

Craig
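
The difference described in the message above, as an added example that is not part of the original message and not BackupPC's own code: the same command template is run once as an argument vector with no shell and once as a string parsed by `/bin/sh`. The template, the `$host` variable name, the sample value and all function names are assumptions made for illustration, and the sample value uses a harmless `echo` in place of a destructive command.

```python
import re
import shlex
import subprocess

# Constructed template and value; "$host" stands in for a per-host variable.
TEMPLATE = "/bin/echo preparing $host"
HOSTILE = "web01; echo INJECTED"   # harmless stand-in for a metacharacter payload

def _expand(text, variables, quote=False):
    """Replace $name with its value, optionally shell-quoting the value."""
    def repl(m):
        value = variables.get(m.group(1))
        if value is None:
            return m.group(0)          # unknown variable: leave as written
        return shlex.quote(value) if quote else value
    return re.sub(r"\$(\w+)", repl, text)

def substitute_argv(template, variables):
    """Split into words first, then expand inside each word, so a value
    can never add a word or be parsed as shell syntax."""
    return [_expand(word, variables) for word in template.split()]

def run_direct(template, variables):
    """No shell: the argv list is passed to the program unchanged."""
    argv = substitute_argv(template, variables)
    return subprocess.run(argv, capture_output=True, text=True).stdout

def run_via_shell(template, variables, quote=False):
    """Expand into one string and let /bin/sh parse it."""
    cmd = _expand(template, variables, quote)
    return subprocess.run(["/bin/sh", "-c", cmd],
                          capture_output=True, text=True).stdout

if __name__ == "__main__":
    v = {"host": HOSTILE}
    print("argv     :", substitute_argv(TEMPLATE, v))
    print("direct   :", run_direct(TEMPLATE, v).splitlines())
    print("shell    :", run_via_shell(TEMPLATE, v).splitlines())
    print("quoted sh:", run_via_shell(TEMPLATE, v, quote=True).splitlines())
```

Without a shell the whole value arrives as one argument; with a shell the `;` ends the first command unless every substituted value is quoted.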
