>> I'm currently pushing backups from each system to a central backup >> server via rdiff-backup. However, I realized that push backups are >> not safe because if one of the systems is compromised, the infiltrator >> could delete all of that system's backups with a command like this: >> >> rdiff-backup --remove-older-than 1s backup@12.34.56.78::/path/to/backup > > The Bacula client can't delete its own backups, so it is safe against that > problem. > >> Pull backups don't seem secure because if the central server is >> compromised, the infiltrator would have root read privileges on every >> backed-up system and would thereby be able to gain root access to >> those systems. > > Bacula does have root read (and write) privileges on every backed-up system, > but you can encrypt the backups before sending them to the central server. > Bacula can also sign the backups, so the client can verify that a restore > doesn't contain modified data. You still have to keep the encryption/signing > keys secure of course.
Thanks for your help. I don't think I have the b*lls to give root read/write on every system to the backup server. :) - Grant ------------------------------------------------------------------------------ This SF.net email is sponsored by Windows: Build for Windows Store. http://p.sf.net/sfu/windows-dev2dev _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
