>>>>> On Sat, 29 Jun 2013 07:24:36 -0700, Grant  said:
> 
> I'm currently pushing backups from each system to a central backup
> server via rdiff-backup.  However, I realized that push backups are
> not safe because if one of the systems is compromised, the infiltrator
> could delete all of that system's backups with a command like this:
> 
> rdiff-backup --remove-older-than 1s [email protected]::/path/to/backup

The Bacula client can't delete its own backups, so it is safe against that
problem.


> Pull backups don't seem secure because if the central server is
> compromised, the infiltrator would have root read privileges on every
> backed-up system and would thereby be able to gain root access to
> those systems.

Bacula does have root read (and write) privileges on every backed-up system,
but you can encrypt the backups before sending them to the central server.
Bacula can also sign the backups, so the client can verify that a restore
doesn't contain modified data.  You still have to keep the encryption/signing
keys secure of course.

__Martin

------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:

Build for Windows Store.

http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users