Networker

Re: [Networker] recover command and security

2004-01-23 19:06:26
Subject: Re: [Networker] recover command and security
From: Scott Russell <lnxgeek AT US.IBM DOT COM>
To: NETWORKER AT LISTMAIL.TEMPLE DOT EDU
Date: Fri, 23 Jan 2004 19:06:20 -0500
On Fri, 2004-01-23 at 18:43, Tim Mooney wrote:
> In regard to: [Networker] recover command and security, Joel Krajden said...:
>
> >Is there any way to prevent an ordinary user from recovering files that do 
> >not
> >belong to the user. I thought this problem was fixed but I just used the 
> >linux
> >6.1.3 client to recover a file belonging to root which was restored as
> >belonging to me.
>
> Not with 6.1.x.  In fact, on many systems it's nearly impossible to prevent
> a determined user from recovering files that they should have no access to,
> especially since a `recover' binary could be extracted from any of the
> downloadable packages on Legato's web site.

Can you educate me a bit on this? I posted a previous example to this
thread showing a 6.1.4 client on Linux not allowing the recovery of a
file the user did not have read access to.

How does 6.1.x Networker let a user recover a file that they don't
already have permission to read on the file system? A working example
would be nice to see.

If the user has read access to the file on the file system Networkers
ability to let that user recover the file off tape seems kind of
pointless.

--
Scott Russell <lnxgeek AT us.ibm DOT com>
Linux Technology Center System Admin

--
Note: To sign off this list, send a "signoff networker" command via email
to listserv AT listmail.temple DOT edu or visit the list's Web site at
http://listmail.temple.edu/archives/networker.html where you can
also view and post messages to the list.
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=