Op 20120807 om 22:18 schreef Elrond: > On Fri, Aug 03, 2012 at 16:12:58 +0200, Luca Capello wrote: > [...] > > I would go even further: if I read it correctly, this should improves > > security, so I was wondering if it would be better to have it by > > default...
Please don't. Avoid stiffeling the restore. > This is quite attractive, I can understand that. > > Really I would love to see this. > > BUT ... > > ... it will stop nice restores. s/nice restore/plain restore/ > You have to restore to /tmp and all the restored files will > be owned by nobody and not the original owner. > I don't know if people are ready for this. I'm a smart part of people, I expect that a restore goes the same way as backup, no so detour trough /tmp with chown. > In a first step, I would suggest to add the capability > support, so that users can play with this feature and > learn. > > In a second step, I would suggest making it easy for users > to enable this feature (maybe commented version in > /etc/default/bacula-fd?) > Or maybe add a debconf knob directly? So that people can > enable it easily while installing bacula-fd on all of their > client machines? I do understand the good intention to add a new feature, but I think that default "read only capability feature" for bacula-fd is wrong. > Just my personal thoughts. Yes, this E-mail is also sharing my thoughts (and worries). <joke consider="some what sick"> To prevent bacula-fd default started with -k option, I will not contribute any code. </joke> > > Cheers > > Elrond Groeten Geert Stappers Agreeing on the build with libcap-dev, not on enabling it by default -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org