Networker

Re: [Networker] recover command and security

2004-01-23 18:44:03
Subject: Re: [Networker] recover command and security
From: Tim Mooney <mooney AT DOGBERT.CC.NDSU.NODAK DOT EDU>
To: NETWORKER AT LISTMAIL.TEMPLE DOT EDU
Date: Fri, 23 Jan 2004 17:43:45 -0600
In regard to: [Networker] recover command and security, Joel Krajden said...:

>Is there any way to prevent an ordinary user from recovering files that do not
>belong to the user. I thought this problem was fixed but I just used the linux
>6.1.3 client to recover a file belonging to root which was restored as
>belonging to me.

Not with 6.1.x.  In fact, on many systems it's nearly impossible to prevent
a determined user from recovering files that they should have no access to,
especially since a `recover' binary could be extracted from any of the
downloadable packages on Legato's web site.

Tim
--
Tim Mooney                              mooney AT dogbert.cc.ndsu.NoDak DOT edu
Information Technology Services         (701) 231-1076 (Voice)
Room 242-J6, IACC Building              (701) 231-8541 (Fax)
North Dakota State University, Fargo, ND 58105-5164

--
Note: To sign off this list, send a "signoff networker" command via email
to listserv AT listmail.temple DOT edu or visit the list's Web site at
http://listmail.temple.edu/archives/networker.html where you can
also view and post messages to the list.
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=