Zitat von Grant <emailgrant AT gmail DOT com>:

>>> I'm currently pushing backups from each system to a central backup
>>> server via rdiff-backup.  However, I realized that push backups are
>>> not safe because if one of the systems is compromised, the infiltrator
>>> could delete all of that system's backups with a command like this:
>>>
>>> rdiff-backup --remove-older-than 1s [email protected]::/path/to/backup
>>
>> The Bacula client can't delete its own backups, so it is safe against that
>> problem.
>>
>>> Pull backups don't seem secure because if the central server is
>>> compromised, the infiltrator would have root read privileges on every
>>> backed-up system and would thereby be able to gain root access to
>>> those systems.
>>
>> Bacula does have root read (and write) privileges on every backed-up system,
>> but you can encrypt the backups before sending them to the central server.
>> Bacula can also sign the backups, so the client can verify that a restore
>> doesn't contain modified data.  You still have to keep the  
>> encryption/signing
>> keys secure of course.
>
> Thanks for your help.  I don't think I have the b*lls to give root
> read/write on every system to the backup server. :)
>
> - Grant

You are free to operate the FD (Client) with any permission you like,  
but you have to take care that the FD is able to read anything you  
like to backup and i case of restore it should be able to write and  
maybe to "chown" the files in question.

Regards

Andreas



------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:

Build for Windows Store.

http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users