On 12/18/15 11:34, H. Steuer wrote: > > Hello Bill, > > you are right, but there is a serious side effect. Heres a statement > from the Bacula docs: > > > The first console type is an anonymous or default console, which > has full privileges. There is no console resource necessary for > this type since the password is specified in the Director > resource. Typically you would use this anonymous console only for > administrators. > > > So this means that - as there is no configuration item for the anonymous > console in the "bacula-dir.conf", it uses the password from the > "Director" section. As this is also the password thats used for the > director to access the client file > daemon, we have now the result that this is the same password that can > be used in a "Director" section of the > bconsole.conf. I just gave it a try and changed the password in the > Director section of the bacula-dir.conf. Then I have > chosen a random client, installed bconsole, created a bconsole.conf with > the same password and voila - had full access > to all the backups.
Um, so, wait. You configured a new client, put your Director password into its bconsole.conf, and you're surprised that you can connect to your Director from it? I don't see what's surprising here. If you don't want X random client to be able to connect to the Director using bconsole, DON'T GIVE IT THE DIRECTOR PASSWORD. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485 ------------------------------------------------------------------------------ _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
