Hi everyone. I'm a new BackupPC user, this is my first post here. Here's my problem: I love having online backups, they're very convenient. But they're a huge security problem. All of the LAN's most sensitive files become readable by user backuppc, who can be attacked through the web application. Worse, all of the files become readable by the BackupPC administrative user, and each host's files by that host's designated backup owner. If any of these has a weak password, or if the BackupPC login doesn't run over SSL, or if the htdigest file is unprotected, then we give away the store. Root security for the whole LAN becomes equivalent to a whole bunch of typically weaker links.
My question for you is, how are people addressing this problem? Enforcing strong passwords? Limiting the number of users with restore rights? Segmenting your hosts into sensitive and less-sensitive files?

Thanks,
Andrew.

BackupPC-users mailing list
List: https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki: http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/
