On Thu, Feb 24, 2005 at 02:16:36PM -0500, Brian Cuttler wrote:
>
> Gil,
>
> I'm confused, why would suid be needed on ufsdump - isn't it run
> beneith the amanda program (/usr/local/libexec/) rundump which is suid ?
>
It is not an amanda requirement, it is the way the system supplies ufsdump.
I suspect it is so that things like /etc/dumpdates can be updated.
Though I'm not sure /etc/dumpdates gets updated when ufsdump is run
by an ordinary user. I'm pretty sure that if run by an ordinary user
ufsdump would switch id's to do the actual reading of files so that
the ordinary user does not get to "backup" files they are not allowed
to see under normal circumstances. But there may be a few tasks that
require root privleges outside of the actual dumping.
--
Jon H. LaBadie jon AT jgcomp DOT com
JG Computing
4455 Province Line Road (609) 252-0159
Princeton, NJ 08540-4322 (609) 683-7220 (fax)
|