Thorsten Bremer wrote:

Yes, I know that Amanda setuids itself to run some tasks with
higher privileges. But why doesn't it also setuid during restore, shortly
before the chown?

I have indeed been thinking about such a possibility. It could be implemented by having amrecover use the suid program runtar. (When using the bare "amrestore", or dd+tar, you're assumed to Know What You're Doing, and can limit the root access to the actual extraction.) Still thinking of the consequences... (It actually means that the amanda user is equivalent to root: she can replace any file with any content she wants, including /etc/shadow.)


When restoring as root, I had to add a "<hostname> root" line to the
amandahosts file. Until now there only had to be a "<hostname>
backup" line for normal backup tasks, because it uses setuid. Couldn't
this new root entry be a security hole now?

That depends on the people who have root access to that amanda client. If other people than me and my colleague have root access on a server, I uncomment such a line in .amandahosts on the server, run amrecover, and then comment it out again. Otherwise any root user on that amanda client can restore anything they want from *any* client (you still have to insert a tape, probably manually, but access to holding disk files and access to the tape-to-be-overwritten-this-night is possible).


-- 
Paul Bijnens, Xplanation                            Tel   +32 16 397.511
Technologielaan 21 bus 2, B-3001 Leuven, BELGIUM    Fax   +32 16 397.512
http://www.xplanation.com/                          email: [EMAIL PROTECTED]
***********************************************************************
* I think I've got the hang of it now:  exit, ^D, ^C, ^\, ^Z, ^Q, F6, *
* quit,  ZZ, :q, :q!,  M-Z, ^X^C,  logoff, logout, close, bye,  /bye, *
* stop, end, F3, ~., ^]c, +++ ATH, disconnect, halt,  abort,  hangup, *
* PF4, F20, ^X^X, :D::D, KJOB, F14-f-e, F8-e,  kill -1 $$,  shutdown, *
* kill -9 1,  Alt-F4,  Ctrl-Alt-Del,  AltGr-NumLock,  Stop-A,  ...    *
* ...  "Are you sure?"  ...   YES   ...   Phew ...  I'm out           *
***********************************************************************
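The manual routine Paul describes above (uncomment the "<hostname> root" line in .amandahosts, run amrecover, comment it out again) is easy to forget halfway through, which leaves exactly the hole Thorsten asks about. The following shell functions are an added example written for this page; they are not part of Amanda and not code from either poster. They assume only what the thread states: .amandahosts is a plain text file with one "hostname user" entry per line, and a line starting with '#' is a disabled entry. The file path and hostnames used are placeholders. The last function wraps any command (amrecover with whatever arguments your site uses) so that the root entry is re-commented when the command exits, whether it succeeds or not.

```shell
#!/bin/sh
# Added example for the .amandahosts toggle discussed on the list.
# Assumed file format: "<hostname> <user>" per line, '#' disables a line.
# Paths and hostnames below are placeholders, not real site values.

# List the hosts that currently hold an active "<host> root" entry.
# This is the audit a practitioner wants before and after a restore.
amandahosts_root_hosts() {
    # $1 = path to .amandahosts
    awk '$1 !~ /^#/ && $2 == "root" { print $1 }' "$1"
}

# Enable "<host> root": uncomment it if present, append it if absent.
amandahosts_enable_root() {
    file=$1; host=$2
    if grep -q "^#[[:space:]]*$host[[:space:]][[:space:]]*root[[:space:]]*$" "$file"; then
        sed "s/^#[[:space:]]*\($host[[:space:]][[:space:]]*root[[:space:]]*\)$/\1/" "$file" \
            > "$file.tmp" && mv "$file.tmp" "$file"
    elif ! grep -q "^$host[[:space:]][[:space:]]*root[[:space:]]*$" "$file"; then
        printf '%s root\n' "$host" >> "$file"
    fi
}

# Disable "<host> root" again by commenting the line out.
amandahosts_disable_root() {
    file=$1; host=$2
    sed "s/^\($host[[:space:]][[:space:]]*root[[:space:]]*\)$/#\1/" "$file" \
        > "$file.tmp" && mv "$file.tmp" "$file"
}

# Run a command with the root entry enabled only for its duration.
# The EXIT trap re-comments the entry even if the command fails or the
# shell is killed, so the window of root access closes with the restore.
# Usage (hypothetical path and host):
#   with_temporary_root_entry /home/amanda/.amandahosts client1.example.com amrecover ...
with_temporary_root_entry() {
    file=$1; host=$2; shift 2
    amandahosts_enable_root "$file" "$host"
    trap 'amandahosts_disable_root "$file" "$host"' EXIT
    "$@"
    rc=$?
    amandahosts_disable_root "$file" "$host"
    trap - EXIT
    return $rc
}
```

Running amandahosts_root_hosts on every client's .amandahosts from a cron job gives a cheap detection for the case Paul warns about: a "<host> root" line that somebody left active.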