Re: Self Introduction: Randy Barlow
On Mon, Nov 2, 2015 at 3:05 AM, Petr Spacek wrote:
>
> Generally principle of least privileges is okay, so I agree with your
> proposal in general.
>
> On the other hand I have to ask if the server must be running under root?
> Shouldn't it run under a dedicated user, e.g. 'aribackup'?
>
> In that case filesystem permissions should be root:aribackup 770.

Hmm... I don't know why I didn't think of that as a long-time BackupPC
user... So a user could be set up, but would they need to be set up as a
sudoer like BackupPC?

Thanks,
Richard
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: Self Introduction: Randy Barlow
On 1.11.2015 18:54, Randy Barlow wrote:
> On 10/07/2015 01:37 PM, Randy Barlow wrote:
>> I've filed a request to add a new package called ari-backup:
>
>> https://bugzilla.redhat.com/show_bug.cgi?id=1269609
>
> My package reviewer and I had some questions about whether the
> permissions I have set in my spec file are justifiable or not. This
> software is a backup server, and the spec file I have created
> configured the backup store (/var/lib/ari-backup) to have restrictive
> permissions (root:root, 0700). The reasoning is that I didn't want to
> assume that it would be OK for other users who may have access to the
> backup server to be able to see files from other systems that have
> been stored there.
>
> Additionally, the folder /etc/ari-backup/jobs.d contains job
> configuration files, and is also configured for 0700. This is to
> prevent any information about what is being backed up (and how it is
> being backed up) from leaking. The backup jobs in there are Python
> scripts, and can contain arbitrary code to be executed during the
> backup jobs.
>
> What do others think? Are the permissions I have selected in my spec
> file appropriate for a backup server?

Generally principle of least privileges is okay, so I agree with your
proposal in general.

On the other hand I have to ask if the server must be running under root?
Shouldn't it run under a dedicated user, e.g. 'aribackup'?

In that case filesystem permissions should be root:aribackup 770.

--
Petr Spacek @ Red Hat
Re: Self Introduction: Randy Barlow
Petr Spacek wrote:
> On the other hand I have to ask if the server must be running under root?
> Shouldn't it run under a dedicated user, e.g. 'aribackup'?
>
> In that case filesystem permissions should be root:aribackup 770.

Hi Petr!

ari-backup is really just a convenient wrapper around rdiff-backup.
rdiff-backup can be run as a non-root user, but running it as root on the
backup server has the advantage of allowing it to preserve the ownership
information of the files being backed up. This way, the backup store has
the same UID/GIDs as the source, which can be convenient during restores.

If you find this concerning, I may be able to rework ari-backup to make
the user that jobs get run under configurable (with a default to an
ari-backup user). Users like me who prefer to back up files with the
privileges needed to maintain the ownership could simply adjust a
configuration file. Do you think that would be a good way to go?

--
Randy Barlow
xmpp: bowlofe...@electronsweatshop.com
irc: bowlofeggs on Freenode
Re: Self Introduction: Randy Barlow
On 10/07/2015 01:37 PM, Randy Barlow wrote:
> I've filed a request to add a new package called ari-backup:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1269609

My package reviewer and I had some questions about whether the
permissions I have set in my spec file are justifiable or not. This
software is a backup server, and the spec file I have created
configured the backup store (/var/lib/ari-backup) to have restrictive
permissions (root:root, 0700). The reasoning is that I didn't want to
assume that it would be OK for other users who may have access to the
backup server to be able to see files from other systems that have
been stored there.

Additionally, the folder /etc/ari-backup/jobs.d contains job
configuration files, and is also configured for 0700. This is to
prevent any information about what is being backed up (and how it is
being backed up) from leaking. The backup jobs in there are Python
scripts, and can contain arbitrary code to be executed during the
backup jobs.

What do others think? Are the permissions I have selected in my spec
file appropriate for a backup server?
--
R
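The two directories under discussion carry different risks: the backup store leaks data if it is readable too widely, while jobs.d holds Python that the server executes, so anything writable there by another user is code execution with the server's privileges. Below is an added audit script (not part of ari-backup or the spec file) that encodes Petr's root:aribackup 0770 suggestion for the store and a stricter owner-only policy for jobs.d, then walks each tree and reports every file or directory that exceeds its policy, has the wrong owner, or is a symlink inside jobs.d. The sample tree it builds under a temp directory is constructed for the demo and is owned by whoever runs it, so the current UID stands in for root.

```python
import os
import stat
import tempfile

# Policy drawn from the thread: the backup store may be root:aribackup 0770,
# but jobs.d holds Python scripts the server executes, so only the owner may
# write there, and symlinks are flagged because a job could point outside the tree.
STORE_MAX_MODE = 0o770
JOBS_MAX_MODE = 0o700


def audit_tree(root, max_mode, expected_uid, forbid_symlinks=False):
    """Return (path, reason) findings: permission bits outside max_mode,
    an unexpected owner, or (optionally) a symlink. Links are not followed."""
    findings = []
    for dirpath, dirs, files in os.walk(root):
        entries = [dirpath] if dirpath == root else []
        entries += [os.path.join(dirpath, n) for n in dirs + files]
        for path in entries:
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                if forbid_symlinks:
                    findings.append((path, "symlink"))
                continue  # a link's own mode bits are meaningless
            extra = stat.S_IMODE(st.st_mode) & ~max_mode
            if extra:
                findings.append((path, "extra mode bits %s" % oct(extra)))
            if st.st_uid != expected_uid:
                findings.append((path, "owner uid %d, expected %d" % (st.st_uid, expected_uid)))
    return findings


def build_demo_tree():
    """Constructed sample layout standing in for /var/lib/ari-backup and
    /etc/ari-backup/jobs.d, owned by whoever runs the demo."""
    base = tempfile.mkdtemp(prefix="ari-demo-")
    store, jobs = os.path.join(base, "store"), os.path.join(base, "jobs.d")
    os.mkdir(store)
    os.chmod(store, 0o770)
    os.mkdir(jobs)
    os.chmod(jobs, 0o700)
    for path, mode in ((os.path.join(store, "host1.rdiff"), 0o660),
                       (os.path.join(store, "leaky.rdiff"), 0o664),   # world-readable backup
                       (os.path.join(jobs, "db.py"), 0o600),
                       (os.path.join(jobs, "writable.py"), 0o620)):   # group could edit job code
        with open(path, "w"):
            pass
        os.chmod(path, mode)
    os.symlink("/nonexistent/elsewhere.py", os.path.join(jobs, "link.py"))
    return store, jobs


def run_demo():
    """Audit the sample tree; returns {name: set of (basename, reason)}."""
    store, jobs = build_demo_tree()
    uid = os.getuid()  # stand-in for root, since the demo runs unprivileged
    return {"store": {(os.path.basename(p), r) for p, r in audit_tree(store, STORE_MAX_MODE, uid)},
            "jobs": {(os.path.basename(p), r) for p, r in
                     audit_tree(jobs, JOBS_MAX_MODE, uid, forbid_symlinks=True)}}
```

Run `audit_tree("/etc/ari-backup/jobs.d", JOBS_MAX_MODE, 0, forbid_symlinks=True)` as root on a real host to check the installed layout rather than the sample tree.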