hi!
thank you for this information, but this is not my problem.
security for these backup-pc hosts is not so critical, because they are
only visible in a dedicated backup LAN.
but when archiving will work now and the beta-phase testing backupPC
gets finished, I'll make it more secure.
kind regards
markus fröhlich
Am 22.09.2011 20:38, schrieb Jeffrey J. Kosowsky:
> Markus Fröhlich wrote at about 18:43:01 +0200 on Thursday, September 22, 2011:
> > backupPC processes run as user "wwwrun" - this is the apache user -
> > because of the permissions making the configuration over the
> webinterface.
> > the archive request get startet over a cronjob and a small skript once a
> > week:
> > "sudo -u wwwrun /usr/local/BackupPC/bin/BackupPC_archiveStart
> > archive-tape xadmin $XALL_HOSTS"
> > where the variable XALL_HOSTS contain all hosts of the backupPC server.
> >
>
> As has been pointed out several times before on the list, making
> backuppc run as the apache user is potentially a HUGE security hole
> since it may end up allowing anybody to have permission to read any of
> the backups...
> Backuppc should be run as a *separate*, secure user.
>
> ------------------------------------------------------------------------------
> All the data continuously generated in your IT infrastructure contains a
> definitive record of customers, application performance, security
> threats, fraudulent activity and more. Splunk takes this data and makes
> sense of it. Business sense. IT sense. Common sense.
> http://p.sf.net/sfu/splunk-d2dcopy1
> _______________________________________________
> BackupPC-users mailing list
> BackupPC-users AT lists.sourceforge DOT net
> List: https://lists.sourceforge.net/lists/listinfo/backuppc-users
> Wiki: http://backuppc.wiki.sourceforge.net
> Project: http://backuppc.sourceforge.net/
>
--
Mit freundlichen Grüssen
Markus Fröhlich
Techniker
________________________________________________________
Xidras GmbH
Stockern 47
3744 Stockern
Austria
Tel: +43 (0) 2983 201 30503
Fax: +43 (0) 2983 201 305039
Email: markus.froehlich AT xidras DOT com
Web: http://www.xidras.com
FN 317036 f | Landesgericht Krems | ATU64485024
________________________________________________________________________________
VERTRAULICHE INFORMATIONEN!
Diese eMail enthält vertrauliche Informationen und ist nur für den
berechtigten Empfänger bestimmt. Wenn diese eMail nicht für Sie bestimmt
ist, bitten wir Sie, diese eMail an uns zurückzusenden und anschließend
auf Ihrem Computer und Mail-Server zu löschen. Solche eMails und Anlagen
dürfen Sie weder nutzen, noch verarbeiten oder Dritten zugänglich
machen, gleich in welcher Form.
Wir danken für Ihre Kooperation!
CONFIDENTIAL!
This email contains confidential information and is intended for the
authorised recipient only. If you are not an authorised recipient,
please return the email to us and then delete it from your computer
and mail-server. You may neither use nor edit any such emails including
attachments, nor make them accessible to third parties in any manner
whatsoever.
Thank you for your cooperation
________________________________________________________________________________
------------------------------------------------------------------------------
All of the data generated in your IT infrastructure is seriously valuable.
Why? It contains a definitive record of application performance, security
threats, fraudulent activity, and more. Splunk takes this data and makes
sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-d2dcopy2
_______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List: https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki: http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/
|