On 3/23/2010 2:41 PM, Frank J. Gómez wrote:
> I have an interesting situation here. One of my users refuses to
> participate in the system of backups because she's concerned about the
> security of her files. She agreed to participate if I can make the
> system work such that even I am unable to see the contents of her
> files. She's running Windows -- XP Home, I believe.
>
> A little Googling and some brainstorming leads me to consider three
> courses of action.
>
> 1. Use a pre-dump command to encrypt the files before BackupPC reads
> her files. I've not used pre-dump commands before, so I'm not
> entirely sure how they work, but I imagine I could tell BackupPC
> to read only c:\foo, but, prior to doing that, run a script which
> takes the files in c:\my\sensitive\junk and creates an encrypted
> archive in c:\foo. I assume the pre-dump script would live in the
> cygwin environment, which is probably better for me anyway, since
> I don't know anything about Windows scripting. If this were a
> Linux system, I'd tar the files up and then pass the tar to gnupg,
> but I don't know if this is possible in a cygwin environment.
> Then, post-dump, I'd shred (or rm, if shred is unavailable) the
> temporary file in c:\foo.
> 2. Some post I read somewhere suggested you could simply change your
> compression method or transfer method to a script that does the
> encryption before writing to disk. Nice thing about this idea is
> I can do all the configuration on the server. Does sound a little
> scary though!
> 3. Use scheduled tasks (or whatever the Windows equivalent of cron
> is) to periodically create/delete encrypted archives, independent
> of BackupPC scheduling.
If you have the ability to run the pre-dump command, you have the
ability to read the files... Maybe you could use a scheduled job on the
sensitive machine to write encrypted copies to some network share that
you back up.
--
Les Mikesell
lesmikesell AT gmail DOT com
------------------------------------------------------------------------------
Download Intel® Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List: https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki: http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/
|