Sorry about the duplicate post. Trying to use the right address now !
> Ronny writes:
>
> > I am taking backup of a directory /home, containing ~1000 users.
> > And i want to allow each of the users access to restore his own files.
> > But NOT to read/restore files that he normaly would not.
> >
> > Example: user1 have a file in /home/user1/private.txt that have 600
> > permissions. I dont want user2 to be able to read this thru the backuppc
> > cgi.
> >
> > i have tested this with a line in hosts that say
> > server 0 root user1,user2
> >
> > and it seams to me that user2 can read all files of the backup, even
> > files he normaly would have no access to.
> >
> > So how others solve this problem ?
> > must you have 1000 lines in hosts, one line for each homedir ? Or are
> > there a different way where i can have backuppc check the orginal
> > permissions and deny restore if the user in question dont have the right
> > access.
>
> BackupPC doesn't provide a mechanism to have fine-grained
> per-user permissions when browsing backups. The host file
> users have permissions for the entire host: browsing, editing
> the configuration, starting and canceling backups, etc.
>
> Enforcing permissions is a bit difficult since apache doesn't
> provide the uid and gid - just the username - and the backups
> just contain the client uid/gid. There is no guarantee that
> user names and uid/gids are common between the server and
> client.
that's not a guarantee, but when you have ldap/sql/nis user<->uid
mapping it's quite commonly so.
I assume one could deny access if the user didn't map to a uid.
mapping a user to the wrong uid would be hard to detect. But it's not
your stock configuration anyway so some prerequisites like common user
database can be expected.
> Perhaps we could have a new config variable which forces the
> browse path for non-admin users, eg:
>
> $Conf{CgiUserBrowseChroot} = {
> 'user1' => '/home:/user1',
> 'user2' => '/home:/user2',
> };
>
> (/home is the share, and /user1 is the path relative to
> that share)
>
> There could also be a wildcard form that allows any user to
> browse their folder:
>
> $Conf{CgiUserBrowseChroot} = {
> '*' => '/home:/*',
> };
>
> One drawback is this host won't appear in the pulldown in
> the navigation bar, since that is based on the hosts file.
> So the user has to navigate to their host by knowing the
> correct URL.
So there is no way to do this currently. Having 1000 hostlines is not
that big a problem for the user. Since it's the admin that have to live
with a _Loooong_ dropdown box.
would backuppc deal with a hostsfile of ~1000 lines and 1000 files
saying server-user[nnnn].pl
--
mvh
Ronny Aasen -- 41616155 -- [EMAIL PROTECTED] --
Datapart AS -- 57682100 -- www.datapart-as.no --
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/backuppc-users
http://backuppc.sourceforge.net/
