Les Mikesell wrote at about 15:23:57 -0500 on Thursday, June 4, 2009:
 > Jeffrey J. Kosowsky wrote:
 > > 
 > >  > 
 > >  > He doesn't have to 'hope' you need a restore - he can just wipe all the 
 > >  > live copies.  Now it's time for you to put back the old working copies. 
 > >  > With the current backuppc scheme of collision detection you could - if 
 > >  > you relied on md5's blindly you couldn't - or you might get an ugly 
 > >  > surprise from the substitute file.
 > > 
 > > If he wants to replace those critical files with malware, why not just
 > > do it directly since the "disgruntled" employee  has write access to
 > > them rather than concocting this elaborate roundabout scheme...
 > 
 > Because then you'd still have a copy of the real data that you could 
 > simply restore.  Remember - that's why you made those backups, thinking 
 > they actually held copies of the original files.
 > 

I imagine you could get around all this by adding a random 'salt' to
the md5sum calculations. If you don't know the salt, then you won't be
able to force collisions. As long as the salt was kept as secure as
the BackupPC user password then you wouldn't gain anything by knowing
the salt that you couldn't get by just logging in as user BackupPC and
messing with the backup program or pool directly.

------------------------------------------------------------------------------
OpenSolaris 2009.06 is a cutting edge operating system for enterprises 
looking to deploy the next generation of Solaris that includes the latest 
innovations from Sun and the OpenSource community. Download a copy and 
enjoy capabilities such as Networking, Storage and Virtualization. 
Go to: http://p.sf.net/sfu/opensolaris-get
_______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:    http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/