Sorry about the duplicate post. Trying to use the right address now !

> Ronny writes:
> 
> > I am taking backup of a directory /home, containing ~1000 users.
> > And i want to allow each of the users access to restore his own files.
> > But NOT to read/restore files that he normaly would not.
> > 
> > Example: user1 have a file in /home/user1/private.txt that have 600
> > permissions. I dont want user2 to be able to read this thru the backuppc
> > cgi.
> > 
> > i have tested this with a line in hosts that say
> > server  0       root    user1,user2
> > 
> > and it seams to me that user2 can read all files of the backup, even
> > files he normaly would have no access to.
> > 
> > So how others solve this problem ?
> > must you have 1000 lines in hosts, one line for each homedir ?  Or are
> > there a different way where i can have backuppc check the orginal
> > permissions and deny restore if the user in question dont have the right
> > access.
> 
> BackupPC doesn't provide a mechanism to have fine-grained
> per-user permissions when browsing backups.  The host file
> users have permissions for the entire host: browsing, editing
> the configuration, starting and canceling backups, etc.
> 
> Enforcing permissions is a bit difficult since apache doesn't
> provide the uid and gid - just the username - and the backups
> just contain the client uid/gid.  There is no guarantee that
> user names and uid/gids are common between the server and
> client.

that's not a guarantee, but when you have ldap/sql/nis user<->uid
mapping it's quite commonly so. 

I assume one could deny access if the user didn't map to a uid.
mapping a user to the wrong uid would be hard to detect. But it's not
your stock configuration anyway so some prerequisites like common user
database can be expected.

> Perhaps we could have a new config variable which forces the
> browse path for non-admin users, eg:
> 
>     $Conf{CgiUserBrowseChroot} = {
>         'user1' => '/home:/user1',
>         'user2' => '/home:/user2',
>     };
> 
> (/home is the share, and /user1 is the path relative to
> that share)
> 
> There could also be a wildcard form that allows any user to
> browse their folder:
> 
>     $Conf{CgiUserBrowseChroot} = {
>         '*' => '/home:/*',
>     };
> 
> One drawback is this host won't appear in the pulldown in
> the navigation bar, since that is based on the hosts file.
> So the user has to navigate to their host by knowing the
> correct URL.


So there is no way to do this currently. Having 1000 hostlines is not
that big a problem for the user. Since it's the admin that have to live
with a _Loooong_ dropdown box. 

would backuppc deal with a hostsfile of ~1000 lines and 1000 files
saying server-user[nnnn].pl


-- 
mvh
Ronny Aasen -- 41616155 -- [EMAIL PROTECTED] --
Datapart AS -- 57682100 --  www.datapart-as.no  --



-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/backuppc-users
http://backuppc.sourceforge.net/

Reply via email to