[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [rdiff-backup-users] Post-setup questions

From: Maarten Bezemer
Subject: Re: [rdiff-backup-users] Post-setup questions
Date: Fri, 19 Aug 2011 09:15:52 +0200 (CEST)

On Thu, 18 Aug 2011, Grant wrote:

If I were to set up a separate user for each pushed backup and one of
the systems were compromised, only the compromised system's backups
would be accessible to the attacker (read/write unfortunately).

No. It would indeed be read/write which is a no-go for most serious backup systems (lose the primary, and all you have left is a compromised backup, potentially no backup at all). And another risk would be that the attacker finds some way to elevate her privileges on the backup server due to some but in rdiff-backup, python or something similar. In which case the entire backup server would be compromised.

I tried to set this up today but I ran into a problem.  My backup
server backs up its own files to the USB drive.  If that operation is
conducted as a normal user, it can't read all of the necessary files.
If that operation is conducted as root, the backed-up files are
written as root and the remote system can't read them via rsync unless
I allow root logins.

Try doing the local operation through the localhost network ;-)

I don't think I follow (again).  The backup server drops its own
important files onto the USB hard drive that is directly attached to
it.  Anyway, that problem would be solved if I used your
'PermitRootLogin without-password' advice above.

You said you backup the backup server's own files to the USB drive. When doing that with rdiff-backup running as root, the backup will also have file permissions and ownership preserved (mostly). When you run that rdiff-backup process as a normal user (backup side) to back up files from address@hidden (source side), just pretending that it is a remote host, then the backup tree will be accessible by non-root rsync user.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]