Hello,

This is an interesting subject and what everyone says is correct.
I have been thinking over the past few months about how to
improve security, and although we already have one way that
the FD can drop permissions to become a backup only FD,
I have been thinking about two additions:

1. A command line option and/or perhaps a Directive that
forces the FD into read-only mode -- i.e. it can only do
Backups but no restores.  Of course, to do restores, one
would have to turn off the service and restart it (or another
one) with restore permission if one wanted to do restores.

2. Implementation of a ScriptsDirectory that would allow the FD
to run scripts only from that Directory rather than from any
Directory.

Though neither of these would be effective against all attacks
they should permit the user to configure better security.
There are probably a lot of similar ideas that could help improve
security ...

Best regards,
Kern

------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:

Build for Windows Store.

http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users