On 5/10/2010 7:39 PM, mark.bergman AT uphs.upenn DOT edu wrote:
>
>
> In the message dated: Mon, 10 May 2010 13:26:51 +1000,
> The pithy ruminations from Norberto Meijome on
> <Re: [Bacula-users] Feature idea feeler - bconsole "include / grep"> were:
>
> =>
> => (and to the list.. Apologies Gavin for private reply...)
> =>
> => On 7 May 2010 19:19, Gavin McCullagh<gavin.mccullagh AT gcd DOT ie>
> wrote:
> =>
> => > On Thu, 06 May 2010, Steve Polyack wrote:
> => >
>
> [SNIP!]
>
> => > > bconsole session. However, perhaps a solution would be to have
> bconsol=
> => e
> => > > parse the pipe character and feed output into the command that
> follows
> => > > which could be any arbitrary *nix command (as opposed to
> => > > writing/including our own version of grep).
> => >
>
> I think that's a great suggestion, and the cleanest way to do this. I'd add
> one
> thing, which is to have bconsole detect ">" in a command as well. The logic
> would be (in bad pseudo-code):
While this is definitely a neat feature, my biggest concern is that this would
be a gigantic privilege escalation hole. By allowing bconsole to execute any
arbitrary command, it becomes impossible for the general system administrator
to restrict the backup operator to bconsole access only via sudo.
At a minimum, I'd hope to either see this feature implemented in such a way as
to drop privs to the original user after reading any config files, and also
require a config option to explicitly enable it.
--
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
WPI Senior Network Engineer | is simple, elegant, and wrong. - HL Mencken
GPG fingerprint = 6174 1257 129E 0D21 D8D4 E8A3 8E39 29E3 E2E8 8CEC
------------------------------------------------------------------------------
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
|