Veritas-bu

Re: [Veritas-bu] sniff...bpgp is gone from 6.5

2008-01-22 13:43:58
Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5
From: <Mark.Donaldson AT cexp DOT com>
To: <simon.weaver AT astrium.eads DOT net>, <Bob.A.Stump AT fnis DOT com>, <VERITAS-BU AT mailman.eng.auburn DOT edu>
Date: Tue, 22 Jan 2008 11:24:54 -0700
The need to distribute client binary upgrades still exists. What method
is used now?  Can you mine the "update_clients" script (if it is indeed
a script).  I'm still at 6.0.5. 

-----Original Message-----
From: veritas-bu-bounces AT mailman.eng.auburn DOT edu
[mailto:veritas-bu-bounces AT mailman.eng.auburn DOT edu] On Behalf Of WEAVER,
Simon (external)
Sent: Tuesday, January 22, 2008 10:59 AM
To: Stump, Bob A; VERITAS-BU AT mailman.eng.auburn DOT edu
Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5


Can't get to a test lab, but found this...

https://forums.symantec.com/syment/board/message?board.id=21&message.id=40520

Simon

-----Original Message-----
From: veritas-bu-bounces AT mailman.eng.auburn DOT edu
[mailto:veritas-bu-bounces AT mailman.eng.auburn DOT edu] On Behalf Of Stump,
Bob A
Sent: Tuesday, January 22, 2008 5:56 PM
To: VERITAS-BU AT mailman.eng.auburn DOT edu
Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5


Somebody please check to see if bpdir still exists in NB 6.5


-----Original Message-----
From: veritas-bu-bounces AT mailman.eng.auburn DOT edu
[mailto:veritas-bu-bounces AT mailman.eng.auburn DOT edu] On Behalf Of cpreston
Sent: Tuesday, January 22, 2008 12:41 PM
To: VERITAS-BU AT mailman.eng.auburn DOT edu
Subject: [Veritas-bu] sniff...bpgp is gone from 6.5


I'm looking into whether or not this is true.  If it is, it's time for
an email campaign. 

Some see it as a security hole, and I think that's ridiculous.  Anybody
who is root/Administrator on a NetBackup master can push any file to any
client any time they want via a backup/restore command.  Removing bpgp
only makes it take a few minutes instead of a few seconds.

Other complaints about it over the years have been that it doesn't check
for like/like. You can overwrite a directory with a file if you tell it
to.  For example, the following command would be VERY BAD!

WRONGWAY# bpgp to client /etc/hosts /etc #DON'T DO THIS

While this would be perfectly valid syntax with copy, cp, rcp, mv, etc,
it is NOT proper syntax with bpgp.  The command above would overwrite
the /etc DIRECTORY with /etc/hosts, which, of course, would not be good
for your client.  (Some have even overwritten their root mount point.)
Perhaps they got too many calls from people that did just that.

Of course, about five lines of code could have fixed that problem.  It
doesn't allow you to copy a directory, but it doesn't check if what
you're copying to is a directory. A simple check that the target file is
or is not a directory would have sufficed.  If it was a directory, it
could just exit with error.  But they chose instead to just pretend the
command didn't exist.  It's not documented; there's not even a Usage
statement in the command itself, even if you do strings.  If you call
support and complain they tell you it's not supported.

+----------------------------------------------------------------------
|This was sent by cpreston AT glasshouse DOT com via Backup Central. Forward 
|SPAM to abuse AT backupcentral DOT com.
+----------------------------------------------------------------------


_______________________________________________
Veritas-bu maillist  -  Veritas-bu AT mailman.eng.auburn DOT edu
http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
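
Added example, not part of the original thread and not NetBackup code: the target-is-a-directory check that cpreston's post describes, written as a POSIX shell function for the receiving side of a "put file" operation. The name place_file and its exit codes are hypothetical, constructed for this illustration.

```shell
# place_file SRC DST: install one regular file at DST.
# Hypothetical helper; exit codes are constructed for this example:
#   0 ok                      2 source is not a regular file
#   3 target is a directory   4 target's parent directory is missing
#   5 copy or rename failed
place_file() {
    src=$1
    dst=$2

    # Only a single regular file may be sent, never a directory.
    [ -f "$src" ] || { echo "place_file: $src is not a regular file" >&2; return 2; }

    # The check the post asks for: exit with an error when the target is a
    # directory. -d follows symlinks, so a symlink that points at a
    # directory is refused as well.
    if [ -d "$dst" ]; then
        echo "place_file: $dst is a directory, refusing to overwrite" >&2
        return 3
    fi

    parent=$(dirname "$dst")
    [ -d "$parent" ] || { echo "place_file: $parent does not exist" >&2; return 4; }

    # Copy to a temporary name beside the target, then rename over it, so a
    # failed copy never leaves a truncated target. cp -p carries over the
    # source's mode and timestamps instead of mktemp's 0600.
    tmp=$(mktemp "$parent/.place_file.XXXXXX") || return 5
    if cp -p -- "$src" "$tmp" && mv -f -- "$tmp" "$dst"; then
        return 0
    fi
    rm -f -- "$tmp"
    return 5
}
```

With this guard, the equivalent of the WRONGWAY command above (a file sent to /etc) returns 3 and leaves the directory untouched.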
