Re: [Bacula-users] restricted consoles and uids
2016-02-24 19:41:09
Hello,
On 02/24/2016 05:50 PM, Heitor Faria wrote:
> *Minor correction:
>
> cat /usr/sbin/baculejo
> =========================>8 Cut Here >8===========================
> DIR_NAME=hfaria-K46CB-dir
> DIR_ADDRESS=localhost
>
> echo " Director {
> Name = $DIR_NAME
> DIRport = 9101
> Address = $DIR_ADDRESS
> Password = "xxxx"
> }
>
> Console {
> Name = $USER
> Password = "password"
> }" > /tmp/baculejo.conf
>
> bconsole -c /tmp/baculejo.conf
I see why this works, but it tells me there is no way in bacula
to perform the configuration in question without resorting to
either a wrapper script, some other out of band solution, or
implementing code in bacula. Also, all users would have the
same Password, and there would be nothing stopping them from
just writing a baculejo.conf for root and escalating
themselves into administrative privileges in bacula's console.
Thank you.
-pete
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
|
|
|