Amanda-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: maybe this is a dumb question

2003-08-27 13:55:38
Subject: Re: maybe this is a dumb question
From: "Chris Barnes" <chris-barnes AT tamu DOT edu>
To: amanda-users AT amanda DOT org
Date: Wed, 27 Aug 2003 12:54:12 -0500 
Jay Lessert <jayl AT accelerant DOT net> wrote:
> On Wed, Aug 27, 2003 at 01:33:01PM -0400, Jeremy L. Mordkoff wrote:
>> My policy is to never restore files in place.
>
> I agree that is a good practice (doesn't prevent Chris' student's
> proposed exploit, though).

Actually, I think it might.  If we restore to a temporary location, then
the /etc/passwd (from my previous example) won't be overwritten.  The
malicious user couldn't move it manually (since they wouldn't have write
permissions through the softlink).


--

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Chris Barnes                                       AOL IM: CNBarnes
chris-barnes AT tamu DOT edu                            Yahoo IM: chrisnbarnes
Computer Systems Manager                               ph: 979-845-7801
Department of Physics                                 fax: 979-845-2590
Texas A&M University
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Spam is getting old..., Kurt Yoder
Next by Date:  Multiple backups on one tape., David Barcelo
Previous by Thread:  Re: maybe this is a dumb question, Jay Lessert
Next by Thread:  Re: maybe this is a dumb question, Jay Lessert
Indexes:  [Date] [Thread] [Top] [All Lists]