> On Dec 18, 2015, at 2:28 PM, Kern Sibbald <k...@sibbald.com> wrote:
> 
> On 12/18/2015 06:46 PM, H. Steuer wrote:
>> Hello Kern,
>> 
>> thanks for your comment. Probably I have not understood the security model of 
>> Bacula so far. Furthermore, you misread my
>> post. The point is not anybody having root access to the Bacula server - 
>> that's absolutely not the case. And there are just very few users with root 
>> access on servers. But let's assume an administrator that manages mail 
>> servers only has root privileges on his mail servers (not on any other 
>> machine, just his few mail servers).
>> 
>> This mail server has a file daemon configuration locally where the director 
>> password is stored. That's necessary for the director to connect to this 
>> particular client. So far so good. To my understanding, and please correct 
>> me if I'm wrong, I can use the same password that is part of the file daemon 
>> configuration in the bconsole.conf to gain an anonymous console.
>> So an evil administrator could read the password out of the bacula-fd.conf, 
>> install bconsole and create just a bconsole.conf
>> with the same password he extracted from the bacula-fd.conf.
>> 
>> Probably I just missed the point here and my assumption is wrong. At least 
>> my local tests confirmed that this is the case.
>> 
>> Can you please leave a comment on this?
> 
> Yes, you have very likely "misconfigured" your File Daemon.  In the Director 
> resource of the FD, you should put the password that is in the Client 
> resource of the bacula-dir.conf file and definitely not the password that is 
> in the Director resource of the bacula-dir.conf file.  It may seem a bit 
> confusing at the beginning, but the FD Director resource should have the 
> password that the Director will use when connecting to the Client (i.e. the 
> bacula-dir.conf Client password).
> 
> The password that is in the Director resource of bacula-dir.conf should 
> *only* be used in the bconsole.conf file on machines where you want the 
> administrator to have full control of Bacula.
> 
> Once you "get" this, your security concerns mentioned in these emails about 
> Bacula will most likely go away.
> 
> This arrangement is shown in various diagrams in the Bacula manual, but Dan 
> Languille has a much clearer diagram of this process that may help you.

Kern refers to this blog post: 
http://dan.langille.org/2015/01/10/bacula-on-freebsd-with-zfs/

The key to making the situation easier to follow: using phrases such as 
'Password = "the bacula-fd password"' and 'Password = "the bacula-sd password"'

Cheers.
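As an added illustration of the arrangement Kern describes (not from the thread or the Bacula manual; host names, resource names and passwords are constructed placeholders), the three files side by side, with the misconfiguration H. Steuer tested shown next to the correct form:

```conf
# bacula-dir.conf (on the Director host)
Director {
  Name = backup-dir
  DIRport = 9101
  # Console password: goes ONLY into bconsole.conf on trusted admin machines
  Password = "DIRECTOR-CONSOLE-SECRET"
}
Client {
  Name = mail01-fd
  Address = mail01.example.org
  FDPort = 9102
  # Per-client password: must match the Director resource in mail01's bacula-fd.conf
  Password = "MAIL01-FD-SECRET"
  Catalog = MyCatalog
}

# bacula-fd.conf on mail01 (readable by mail01's root administrator)
# WRONG: copying the Director's own console password here lets anyone who
# can read this file build a working bconsole.conf:
#   Director { Name = backup-dir; Password = "DIRECTOR-CONSOLE-SECRET" }
# RIGHT: the FD holds only the per-client password from the Client resource,
# which the Director accepts for this client session and nothing else.
Director {
  Name = backup-dir
  Password = "MAIL01-FD-SECRET"
}
FileDaemon {
  Name = mail01-fd
  FDport = 9102
  WorkingDirectory = /var/lib/bacula
  Pid Directory = /var/run
}

# bconsole.conf (only on machines whose users may control Bacula fully)
Director {
  Name = backup-dir
  DIRport = 9101
  Address = backup.example.org
  Password = "DIRECTOR-CONSOLE-SECRET"
}
```

With this layout a mail server administrator who reads bacula-fd.conf learns only MAIL01-FD-SECRET, which the Director does not accept as a console password.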
------------------------------------------------------------------------------
_______________________________________________
Bacula-users mailing list
Bacula-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bacula-users
