maybe this is a dumb question
2003-08-26 11:43:06
One of my student workers - who happens to be setting up Amanda,
recently came to me with a concern about how the backup/restore process
handles soft links. I suspect that this is a non-issue in that Amanda
has already figured out a way to deal with this, but just in case...
Let's say a user creates a soft link in their home directory that points
to
/usr/bin, eg:
lrwxrwxrwx 1 cbarnes barnes 15 July 1 13:35 mybin -> /usr/bin/
Then the backups of the home are run.
Then the user removes the softlink and creates a real directory with
that same name.
drwxr-xr-x 2 cbarnes barnes 4096 Aug 18 17:23 mybin
and then puts a modified program into that directory:
drwxr-xr-x 2 cbarnes barnes 4096 Aug 18 17:23 ./
drwxr-xr-x 13 cbarnes cbarnes 4096 Aug 25 17:31 ../
-r-s--x--x 1 cbarnes barnes 7667 Aug 18 17:26 passwd*
and backups are run again.
The concern is that when a restore is run, the softlink to the /usr/bin
directory will be recreated, then the file will be restored into that
directory, overwriting the file that is supposed to be there (ie.
creating a security issue).
1) Is this possible, or does Amanada already do something to prevent
this?
2) If it is possbile, are there any security considerations we need to
take into consideration when running backups or restore jobs?
--
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Chris Barnes AOL IM: CNBarnes
chris-barnes AT tamu DOT edu Yahoo IM: chrisnbarnes
Computer Systems Manager ph: 979-845-7801
Department of Physics fax: 979-845-2590
Texas A&M University
|
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- maybe this is a dumb question,
Chris Barnes <=
|
|
|