On Nov 12, 2011 11:23 AM, "Michael Orlitzky" <mich...@orlitzky.com> wrote: > > On 11/11/2011 10:20 PM, Pandu Poluan wrote: > > > >> And if I pull, none of my backed-up systems are secure because anyone > >> who breaks into the backup server has root read privileges on every > >> backed-up system and will thereby "gain full root privileges quickly." > > > > IMO that depends on whether you also backup the authentication-related > > files or not. Exclude them from backup, ensure different root passwords > > for all boxes, and now you can limit the infiltration. > > If you're pulling to the backup server, that backup server has to be > able to log in to and read all files on the other servers. Including > e.g. your swap partition and device files. >
Again, that's a matter of implementation. If the server doesn't access the client's filesystem directly but via an agent (Bacula does this, for instance), the server's access will be limited to what the agent provides. Rgds,
