On Wed, 13 Sep 1995 19:47:47 +0200 you said:
>A possible pitfall is that the use of the pw=generate meachnism changes
>the semantics:
>
>- If you do specify the password, ADSM treats you as root user, i.e. it
> allows you to work for all Unix users, loading their files up and down
> (of course only those files Unix allows you to read or write). But you
> can reload another user's file into your own directory.
>
>- If you enter the ADSM client via a generated password, ADSM allows you
> to operate only on the files you own. This is reasonable because you do
> not want that user A can reload user B's files into user A's directory.
> For regular scheduled backups, this is probably not what you want.
>
>This feature is not documented.
>
>For regular backups of the entire file system, you have to live with the
>passwords revealed as described. As a consequence, you should make sure
>that the backup is performed on a machine where no normal user has access,
>otherwise all backed up files are open to the public (for reading only).
Helmut,
I don't see why you don't just use the passwordaccess=generate option, and
run the regularly scheduled backups as root. You said "For regular
scheduled backups, this is probably not what you want", but I don't see
why not. Unless it is because you do not want to run the regular scheduled
backups from the root userid. Is this the case?
..Confused
Paul Zarnowski Phone: 607/255-4757
Cornell Information Technologies Fax: 607/255-6523
Cornell University US Mail: 315 CCC, Ithaca, NY 14853-2601
|