Re: Encryption - logging
2006-08-16 10:32:00
>> On Wed, 16 Aug 2006 14:44:59 +0200, Henrik Wahlstedt <SHWL AT STATOIL DOT
>> COM> said:
> So my questions are: Is the possible to do automated encrypted
> backups but limit the restore functionality to thoose who knows
> encryption password?
The only people who can restore are people who can log into your
machine, and they can only restore files they can write. I'm confused
about why I shouldn't be able to restore one of my files.
I'm poking that question because it feels like you're asking TSM to
enforce a security restriction you haven't been able to enforce
locally on the box. Trying to prevent root@yourbox from restoring
something sounds like a tall order.
> How do I monitor restores on the TSM server in good way.
I haven't found a happy method. Consider, the logging there could be
Really Extensive. I don't want to list somebody's 3-million filenames
in my TSM serverlog.
- Allen S. Rout
|
|
|