This is what I'm saying. ;)
--- W. Curtis Preston Backup Blog @ www.backupcentral.com VP Data Protection, GlassHouse Technologies ________________________________ From: Ed Wilts [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 12:04 PM To: Curtis Preston Cc: veritas-bu@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] login through veritas On Feb 9, 2008 1:18 PM, Curtis Preston <[EMAIL PROTECTED]> wrote: Remember: background checks on your backup admin are a good thing Just remember that as a backup admin, I'm also a restore admin. I can restore your passwd and shadow files with my own, read any file on your system and restore it to my own system, and restore garbage overwriting good files on your system. It wouldn't take me an hour to write a script that would render every backup client unbootable and also wipe out all of the backup images. If you don't trust me, then we both have a problem. Similarly, we have to trust our electricians not to fry all of our equipment and our janitors not to see what a bottle of Coke will do to a storage array or a tape library. No amount of NetBackup authentication protection will help you with a disgruntled backup/restore administrator. The rights they need to do their jobs are precisely the same rights they can use to hurt us (not unlike the Secret Services carrying guns while protecting our president). .../Ed -- Ed Wilts, Mounds View, MN, USA mailto:[EMAIL PROTECTED]
_______________________________________________ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu