Holger Parplies wrote: > Hi, > > Rob Morin wrote on 18.10.2007 at 08:15:47 [[BackupPC-users] A tar restore > issue, does not work on localhost]: >> So i found this post , i forget where that mentioned to use a tarCreat >> file via sudo to do localhost backups... that works fine but restoring >> does not work, any help appreciated.... All other servers vis rsync >> work just fine.... > > let me put into a question what I gather from your post you might be asking: > > "I'm doing local backups with XferMethod tar via sudo and a helper script. > What do I need to observe when doing restores?" > > Well, first of all, you'll also need to use sudo. If the backuppc user > doesn't have sufficient permissions for *reading* the files for backup, he > almost definitely won't have sufficient permissions for *writing* them on > restore. > > Second, such helper scripts are a very real security risk. There's just > about no advantage, and it's easy to get things wrong. If the backuppc user > has *write access* to the script, he (or rather an intruder gaining backuppc > user priviledges) has immediate full root access to the system, simply by > putting anything he wants into that script and executing it with 'sudo'. > Even worse, *any other user* with write access to the script (by local or > remote means) can alter it and simply wait for a scheduled backup to be run, > thus executing his commands. With such a script, you *really* need to make > sure that *only root* has write access to it. Even worse, you need to ensure > that command injection is impossible (which it probably isn't). Otherwise an > attacker does not even need write access to the script in order to abuse it. >
Doesn't this security risk exist regardless of helper scripts? The backuppc user has write access to the pool, so can change/insert anything there. Then as long as the host machines are set up to accept restores from the backuppc server, those modified/new files can be uploaded. Is there any way to protect against this? -Rob ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ BackupPC-users mailing list BackupPC-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/backuppc-users http://backuppc.sourceforge.net/