On 02/24/2016 06:39 PM, Peter Keller wrote: ... Also, all users would have the > same Password, and there would be nothing stopping them from > just writing a baculejo.conf for root and escalating > themselves into administrative privileges in bacula's console.
As a side note backups vs permissions has always been a very icky issue anyway: what do you expect to happen when a non-root user tries to restore files they have no read permission to? Or look at other peoples filenames in the catalog? Personally I don't think there is a general solution other than not letting non-root users touch any of it. -- Dimitri Maziuk Programmer/sysadmin BioMagResBank, UW-Madison -- http://www.bmrb.wisc.edu
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users