Amanda-Users

Re: Web interface for Amanda

2008-11-11 03:40:19
Subject: Re: Web interface for Amanda
From: Olivier Nicole <on AT cs.ait.ac DOT th>
To: Marc.Muehlfeld AT medizinische-genetik DOT de
Date: Tue, 11 Nov 2008 15:35:38 +0700 (ICT)

Hi Marc,

> > This interface is written in PHP (with a small part in Perl) and
> > should run on the Amanda server, under the Amanda user and group.
> Is it a good idea to let a web based application run with access
> rights of the user that collect the data of all my servers? Wouldn't
> it be better, at least to set the rights of the files you edit so
> that the webserver user can only change them? I think, if the
> webserver can edit .amandahosts (), a security hole in your script
> may allow to add his computer and restore all data. It's bad
> enough if only the passwords of the shares are stolen.

If only you knew how it was done when it was written in Perl :)

The problem is that amandapass must be mode 600 and belong to
amanda:amanda. If the web server does not run as amanda:amanda it
needs some mechanism (home made?) to allow it to edit the file. That
mechanism could introduce other security threats.

The web server running the interface runs only that interface and is
not accessible/visible from outside. OK that is not full security, but
then amanda server is not physically secured either, any local user
can access the machine and could steal the hard disk.

Or steal one of the disks holding the virtual tapes.

> Also one point about your documentation:
>  > Step 4: Turn off the firewall
>  > In some case, Windows XP will not let you access to your PC with this
>  > interface. You must turn off your firewall.
> 
> Why having a firewall, if users (are told) always deactivate them
> on every problem? Isn't a firewall totally useless, if it is
> deactivated (even if only for a short time)? I think a better hint
> would be, to ensure, that subnet of the server or better the backup
> host itself is only allowed to access the share. Default for the
> file shares rule is "current subnet". This is normally the problem,
> if the server is in a different subnet and can't access the client.

I was too lazy to dig it out, plus it contains a lot of Microsoft
uncertainty, but the first time I tried to access to a new machine
(new XP install, SP3) smbclient would not connect. Without the
firewall it did connect.

Later on, it would connect even with the firewall activated.

My chest for magic spell being currently empty (debugging of XP) I
choose to leave it like that.

It happened once, so it may happen to others...

Thanks for the remarks,

Olivier
