BackupPC-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [BackupPC-users] File restore integrity

2010-06-18 15:01:16
Subject: Re: [BackupPC-users] File restore integrity
From: Les Mikesell <lesmikesell AT gmail DOT com>
To: backuppc-users AT lists.sourceforge DOT net
Date: Fri, 18 Jun 2010 13:59:31 -0500 
On 6/18/2010 2:25 AM, Jonathan Schaeffer wrote:
>
>> If you are going to corrupt something intentionally and you have root
>> access, you would also be able to replace/bypass any such check.  Don't
>> give anyone you don't trust root access...
> The problem is not who I give root access but who takes it in my back.

I think you are trying to solve the wrong problem.  Start with the 
premise that it is impossible to fix a system where a good hacker has 
had root access.

> First, I will not connect the BackupPC host to the internet
> Then, I'll use a file alteration monitor on the system to be aware of any
> modification in the backupPC core programs and in the data stored. iwatch 
> looks
> like a good candidate.

Again, keep in mind that anything on the system can be subverted by a 
good hacker, including these tools and their databases.

> Finaly, I'll keep in mind that anybody gaining root priviledges can basicaly 
> do
> all imaginable stuff.
>
> Still, would'nt it be a nice feature to check the file integrity before the
> restore ? Not only in case of evil intrusion but also in case of data
> corruption, preventing corrupted data to be restored.

I'd rather have a copy that had not been corrupted, so before spending 
an inordinate amount of time second-guessing ways to detect unlikely 
problems, I'd try to make sure I had a solution for them - like a 2nd 
instance of a backup server in a different location.  But, I suppose 
such a check could be done by repeating the content-hashing pool 
matching process to make sure you'd still map to the same pool filename.

-- 
    Les Mikesell
     lesmikesell AT gmail DOT com

------------------------------------------------------------------------------
ThinkGeek and WIRED's GeekDad team up for the Ultimate 
GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the 
lucky parental unit.  See the prize list and enter to win: 
http://p.sf.net/sfu/thinkgeek-promo
_______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:    http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [BackupPC-users] hello backuppc network problem of newbie, Josh Malone
Next by Date:  Re: [BackupPC-users] hello backuppc network problem of newbie, fakessh
Previous by Thread:  Re: [BackupPC-users] File restore integrity, Jonathan Schaeffer
Next by Thread:  Re: [BackupPC-users] File restore integrity, Jonathan Schaeffer
Indexes:  [Date] [Thread] [Top] [All Lists]