Moin Jon,
> The difference is that the backup programs are likely to
> run unattended, or by an operator and the result is a collection
> or archive of all the files, possibly on tape. To get root
> privlege during backup, certain programs are "setuid'ed" to
> root. Thus they can, and should be run by the backup user
> despite needing root privlege for certain operations.
Yes, I know that Amanda setuid'ed himself to run some tasks with
higher privileges. But why he didn't setuid also while restore short
before the chown?
When restoring as root, I had to enter a "<hostname> root"-line to the
amandahosts-file. Until now there only must be a "<hostname>
backup"-line for normal backup-tasks, because he uses setuid. Could'nt
this new root-entry be a security-hole now?
On the other hand: I can just add this line manually before each
restore. And if somebody cracks my server, then I have other problems
than this :-) The root-entry didn't listen on external-interfaces, so
what?! :-)
> For a few months, until my game was discovered, my bill dropped
> to about $300/month.
Yes, I know such playing with quota. In the beginning of my CS-studies
our quota-software could'nt count the quota when moving files to
another harddisk. So another student on a different disk installs a
directory for another one. And after that, you could get space only
limited by the space of the other disk(s) :-)
But: Paying for disk-space as you? How long is this away? :-))
--
Bis denne,
Thoddi
|