2010/5/12 Frank Sweetser <f...@wpi.edu> > While this is definitely a neat feature, my biggest concern is that this > would > be a gigantic privilege escalation hole. By allowing bconsole to execute > any > arbitrary command, it becomes impossible for the general system > administrator > to restrict the backup operator to bconsole access only via sudo. >
Bacula doesn't require "gigantic privileges" to operate with bconsole. If you know a secret password, then you are able to manage bacula director. All you need is set up correct permissions on bconsole.conf file. For example, restrict read only access for specified group - 0640 - and add user to that group. > At a minimum, I'd hope to either see this feature implemented in such a way > as > to drop privs to the original user after reading any config files, and also > require a config option to explicitly enable it. > How bconsole will know that it is executed on sudo or su -c ? :) -- Radosław Korzeniewski rados...@korzeniewski.net
------------------------------------------------------------------------------
_______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
