BackupPC-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [BackupPC-users] Backing up a BackupPC server

2009-06-04 15:57:40
Subject: Re: [BackupPC-users] Backing up a BackupPC server
From: "Jeffrey J. Kosowsky" <backuppc AT kosowsky DOT org>
To: "General list for user discussion, questions and support" <backuppc-users AT lists.sourceforge DOT net>
Date: Thu, 04 Jun 2009 15:52:51 -0400 
Les Mikesell wrote at about 11:08:53 -0500 on Thursday, June 4, 2009:
 > Jeffrey J. Kosowsky wrote:
 > > 
 > >  > However, it would still be disturbing to realize that your backup 
 > >  > integrity could be compromised by anyone with access to the files. 
 > >  > Consider a scenario where a disgruntled employee who still has access 
 > > to 
 > >  > files first prepares the 'evil twin' file with the hack to force an md5 
 > >  > value and puts it somewhere that the backup system will find it.  Later 
 > >  > he makes the matching alteration to critical files in a way that 
 > > doesn't 
 > >  > break normal use.  Then he waits for any backups of the unaltered data 
 > >  > to expire, then destroys the working copies and leaves.
 > >  > 
 > >  > Assuming it's your job to restore a working copy, what happens next?
 > > 
 > > I would assume that if such a "disgruntled" employee has *write*
 > > access to critical files, then surreptitiously modifying a few backup
 > > copies would be the least of your worries.
 > 
 > Perhaps, but you are the backup guy and expected to be able to fix those 
 > other things.
 > 
 > > He could much more easily
 > > and reliably make other non-detectable changes to the same critical
 > > files that would be much more guaranteed to create damage than to hope
 > > that some day there would be a crash of the system requiring a restore
 > > of the corrupted pool file.
 > 
 > He doesn't have to 'hope' you need a restore - he can just wipe all the 
 > live copies.  Now it's time for you to put back the old working copies. 
 > With the current backuppc scheme of collision detection you could - if 
 > you relied on md5's blindly you couldn't - or you might get an ugly 
 > surprise from the substitute file.

If he wants to replace those critical files with malware, why not just
do it directly since the "disgruntled" employee  has write access to
them rather than concocting this elaborate roundabout scheme...

------------------------------------------------------------------------------
OpenSolaris 2009.06 is a cutting edge operating system for enterprises 
looking to deploy the next generation of Solaris that includes the latest 
innovations from Sun and the OpenSource community. Download a copy and 
enjoy capabilities such as Networking, Storage and Virtualization. 
Go to: http://p.sf.net/sfu/opensolaris-get
_______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:    http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [BackupPC-users] How to keep backups for xx days, Les Mikesell
Next by Date:  [BackupPC-users] SMB vs RSYNCD, clint woodrow
Previous by Thread:  Re: [BackupPC-users] Backing up a BackupPC server, Les Mikesell
Next by Thread:  Re: [BackupPC-users] Backing up a BackupPC server, Les Mikesell
Indexes:  [Date] [Thread] [Top] [All Lists]