BackupPC-users

[BackupPC-users] security headaches

2009-09-25 06:00:41
Subject: [BackupPC-users] security headaches
From: Andrew Schulman <andrex AT alumni.utexas DOT net>
To: backuppc-users AT lists.sourceforge DOT net
Date: Fri, 25 Sep 2009 05:51:41 -0400
Hi everyone.  I'm a new BackupPC user, this is my first post here.

Here's my problem:  I love having online backups, they're very convenient.  But
they're a huge security problem.  All of the LAN's most sensitive files become
readable by user backuppc, who can be attacked through the web application.
Worse, all of the files become readable by the BackupPC administrative user, and
each host's files by that host's designated backup owner.  If any of these has a
weak password, or if the BackupPC login doesn't run over SSL, or if the htdigest
file is unprotected, then we give away the store.  Root security for the whole
LAN becomes equivalent to a whole bunch of typically weaker links.

My question for you is, how are people addressing this problem?  Enforcing
strong passwords? Limiting the number of users with restore rights?  Segmenting
your hosts into sensitive and less-sensitive files?

Thanks,
Andrew.


_______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:    http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/
