Item 1: FD-controlled restore block Origin: Jason Martin <[EMAIL PROTECTED]> Date: 11/26/07 Status:
What: A FD controlled flag that disallows restores. Why: The PKI encryption feature allows us to have an environment where the bacula admin does not have to be trusted with the contents of the data on the server aside from file names. However, there is still a chance the backup admin (or compromised backup admin account) could maliciously restore some files back to the server. A flag fo some sort (controlled via the local config file and overrideable by sending a USR1 / USR2 signal) that dissallows restores would cover this condition. This fits better into large deployments where bacula is owned by a group distinct from the day-to-day admins of the machine in question. The machine admins may be more comfortable if they must explicitly allow a restore operation. -Jason Martin
pgpfDT0TG61Q5.pgp
Description: PGP signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
