Bacula-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Bacula-users] Bacula security

2013-07-02 10:06:20
Subject: Re: [Bacula-users] Bacula security
From: Kern Sibbald <kern AT sibbald DOT com>
To: Josh Fisher <jfisher AT pvct DOT com>
Date: Tue, 02 Jul 2013 16:02:53 +0200 
On 07/02/2013 02:32 PM, Josh Fisher wrote:
> On 7/1/2013 4:09 PM, Kern Sibbald wrote:
>> Hello,
>>
>> This is an interesting subject and what everyone says is correct.
>> I have been thinking over the past few months about how to
>> improve security, and although we already have one way that
>> the FD can drop permissions to become a backup only FD,
>> I have been thinking about two additions:
>>
>> 1. A command line option and/or perhaps a Directive that
>> forces the FD into read-only mode -- i.e. it can only do
>> Backups but no restores.  Of course, to do restores, one
>> would have to turn off the service and restart it (or another
>> one) with restore permission if one wanted to do restores.
>>
>> 2. Implementation of a ScriptsDirectory that would allow the FD
>> to run scripts only from that Directory rather than from any
>> Directory.
> A ScriptsDirectory is a good idea, although I would add that it is
> essential that the ScriptsDirectory must NOT be restorable, else a
> compromised Dir could place any script it wants in the ScriptDirectory
> in a two-step attack. #2 does not make any difference unless used in
> conjunction with #1.
>
> Also, another approach is a command line option or FD directive to
> disallow scripts so that each FD could enable or disable scripts
> altogether. Using PKI data encryption together with the ability to
> disable scripts would allow for fairly safe restores, since the FD's
> private key would be needed to alter any files being restored and a
> compromised Dir could not run commands to alter the FD's private key
> even when FD was running as root.
>
Hello Josh,

Good points.  Thanks. I will be sure to use them as
input for implementation.

Best regards,
Kern

...

------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:

Build for Windows Store.

http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Bacula-users] Bacula vchanger USB - Device is not open, arnaldojsousa
Next by Date:  [Bacula-users] Intervention needed, asking for tape not in library, Kevin B. Zimmerman
Previous by Thread:  Re: [Bacula-users] Bacula security, Josh Fisher
Next by Thread:  Re: [Bacula-users] Bacula security, Martin Simmons
Indexes:  [Date] [Thread] [Top] [All Lists]