(Maybe this should be posted to -devel?)
Unrestricted remote root access by a non-root user is generally not a
secure design. There are many ways to restrict the access to backup
activities, but they can't be enforced if the access includes
unrestricted write access. I think that the secure approach is to
require that restores be run by root from the local machine, rather than
allowing a remote push. (Isn't that true for other backup systems?)

I think the best approach is for remote restores to be allowed for
non-privileged files, but run under user account access from the user
requesting the restore. Remote restoration of privileged files should
require some sort of authentication from the local root account.

This should not be too hard to set up using ssh restrictions, if
BackupPC includes the user name as one of the arguments substituted in
the backup command, and some user ssh key management. You can restrict
remote-root access to read-only using the command= setting in the ssh
authorized_keys file. It runs a pre-defined command in place of the
requested ssh command. The proxy command could handle authentication for
write access, or you could just require that restores are handled
by downloading a tar/zip archive, or to a chrooted temporary directory.

Does this sound like a good plan to other BackupPC users?

Most of this can be done just by getting a $User variable into the rsync
command substitutions. To do it well, BackupPC needs user-specific
configurations to handle the ssh keys for each user. It will also allow
for user-specific e-mail settings. It is also good to allow different
user names for the same person. We have several people with Linux user
names that are different from their Windows domain user names.

I think that these would be fairly easy to implement for someone
familiar with the BackupPC source code.

Joe Krahn
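
The command= restriction described in the message, sketched as a forced-command wrapper. This is an added example, not part of the original post and not BackupPC code; the script path, the key line and the accepted rsync paths are assumptions. It relies on the fact that an rsync pull starts the remote side as "rsync --server --sender ...", while a push (restore) omits --sender.

```shell
#!/bin/sh
# Added example: forced-command wrapper for the BackupPC key on a client.
# Assumed install (path, key options and key text are placeholders), written
# as ONE line in root's ~/.ssh/authorized_keys:
#   command="/usr/local/sbin/backup-ro.sh",no-pty,no-port-forwarding,
#     no-agent-forwarding,no-X11-forwarding ssh-rsa AAAA...PLACEHOLDER backuppc
# sshd runs this script instead of whatever the client requested; the
# requested command is only visible in $SSH_ORIGINAL_COMMAND.

# Return 0 only for an rsync server started in sender (read) mode.
is_read_only_rsync() {
    cmd=$1
    case $cmd in
        # Character whitelist: rejects quotes, globs, ; | $ and newlines.
        # Paths that need shell escaping are refused by this example.
        *[!A-Za-z0-9\ ./_=,:@+-]*) return 1 ;;
    esac
    case $cmd in
        # Sender-side options that would still write to or delete on the client.
        *" --remove-"*|*" --log-file"*) return 1 ;;
    esac
    case $cmd in
        # Without --sender the remote rsync receives files, i.e. a restore.
        "rsync --server --sender "*|"/usr/bin/rsync --server --sender "*)
            return 0 ;;
    esac
    return 1
}

# Only act when sshd supplied a requested command; otherwise the script
# simply ends and the session closes without a shell.
if [ -n "${SSH_ORIGINAL_COMMAND:-}" ]; then
    if is_read_only_rsync "$SSH_ORIGINAL_COMMAND"; then
        set -f                        # no globbing during word splitting
        exec $SSH_ORIGINAL_COMMAND    # safe to split: characters checked above
    fi
    echo "backup-ro: refused: $SSH_ORIGINAL_COMMAND" >&2
    exit 1
fi
```

With this in place the backup key can read but not push; restores then need a separate path, such as the archive download or local-root step proposed in the message.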

_______________________________________________
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:    http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/
