|
Re: [Bacula-users] Feature idea feeler - bconsole "include / grep"
2010-05-14 03:03:51
2010/5/12 Frank Sweetser <fs AT wpi DOT edu>
While this is definitely a neat feature, my biggest concern is that this would
be a gigantic privilege escalation hole. By allowing bconsole to execute any
arbitrary command, it becomes impossible for the general system administrator
to restrict the backup operator to bconsole access only via sudo.
Bacula doesn't require "gigantic privileges" to operate with bconsole. If you know a secret password, then you are able to manage bacula director. All you need is set up correct permissions on bconsole.conf file. For example, restrict read only access for specified group - 0640 - and add user to that group.
At a minimum, I'd hope to either see this feature implemented in such a way as
to drop privs to the original user after reading any config files, and also
require a config option to explicitly enable it.
How bconsole will know that it is executed on sudo or su -c ? :)
Radosław Korzeniewski
radoslaw AT korzeniewski DOT net
------------------------------------------------------------------------------
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
|
|
|
