>> I'm currently pushing backups from each system to a central backup
>> server via rdiff-backup.  However, I realized that push backups are
>> not safe because if one of the systems is compromised, the infiltrator
>> could delete all of that system's backups with a command like this:
>>
>> rdiff-backup --remove-older-than 1s [email protected]::/path/to/backup
>
> The Bacula client can't delete its own backups, so it is safe against that
> problem.
>
>> Pull backups don't seem secure because if the central server is
>> compromised, the infiltrator would have root read privileges on every
>> backed-up system and would thereby be able to gain root access to
>> those systems.
>
> Bacula does have root read (and write) privileges on every backed-up system,
> but you can encrypt the backups before sending them to the central server.
> Bacula can also sign the backups, so the client can verify that a restore
> doesn't contain modified data.  You still have to keep the encryption/signing
> keys secure of course.

Thanks for your help.  I don't think I have the b*lls to give root
read/write on every system to the backup server. :)

- Grant

------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:

Build for Windows Store.

http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users