On 02/24/2016 06:39 PM, Peter Keller wrote:

... Also, all users would have the
> same Password, and there would be nothing stopping them from
> just writing a baculejo.conf for root and escalating
> themselves into administrative privileges in bacula's console.

As a side note backups vs permissions has always been a very icky issue
anyway: what do you expect to happen when a non-root user tries to
restore files they have no read permission to? Or look at other peoples
filenames in the catalog? Personally I don't think there is a general
solution other than not letting non-root users touch any of it.

-- 
Dimitri Maziuk
Programmer/sysadmin
BioMagResBank, UW-Madison -- http://www.bmrb.wisc.edu

signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140

_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users