I think (but haven't tried) you could alter the rdiff-backup option text
like this (this is under Ubuntu 10.04, the location might differ with
another OS):
sed -i 's/remove-older-than/remove-older-thax/g'
/usr/share/pyshared/rdiff_backup/*.py
So unless an infiltrator knew the new command name (remove-older-thax in
the example above), they couldn't use it.
Dominic
On 11/11/2011 20:51, Grant wrote:
I'm using rdiff-backup in an automated "push" arrangement with access
to the backup server provided via SSH keys and restricted to the
rdiff-backup command like command="rdiff-backup --server". I think an
infiltrator could delete a compromised machine's backups from the
backup server like this:
rdiff-backup --remove-older-than 1s backup@12.34.56.78::/path/to/backup
Is there any way to prevent something like that from happening?
- Grant
_______________________________________________
rdiff-backup-users mailing list at rdiff-backup-users@nongnu.org
https://lists.nongnu.org/mailman/listinfo/rdiff-backup-users
Wiki URL: http://rdiff-backup.solutionsfirst.com.au/index.php/RdiffBackupWiki
_______________________________________________
rdiff-backup-users mailing list at rdiff-backup-users@nongnu.org
https://lists.nongnu.org/mailman/listinfo/rdiff-backup-users
Wiki URL: http://rdiff-backup.solutionsfirst.com.au/index.php/RdiffBackupWiki