Landon Fuller wrote:
One other issue worth raising -- The director can currently overwrite any file on the FD, including the encryption keys or the FD configuration file, thus exposing private data to the director.
Something else I forgot to mention; the file daemon also ensures data integrity by signing each file. Currently, only file data is signed -- permissions, ownership, et al are not.
AFAIK, during a restore, the storage daemon will provide the stream data in the same order it was written by the file daemon. If that's true, the easiest way to add extra file attributes/streams to the signature is to checksum them as we send them to (and receive them from) the storage daemon.
Kern, is it reasonable to assume that the Storage Daemon will always provide per-file stream data in the order it was written by the File Daemon? If not, I'd guess the alternative is to cache the file attributes on restore and checksum them in the standard order.
Thanks, -landonf
signature.asc
Description: OpenPGP digital signature
