On Sun, 30 Jun 2013 14:36:14 -0700, Grant wrote: > >> Isn't that a gaping security hole? I think this amounts to granting > >> the backup server root read access (and write access if you want to > >> restore) on each client? > > > > How can you backup system files without root read access? You are > > granting this to s specific user, one without a login shell, on the > > server. > > If the backup server is infiltrated, the infiltrator would have root > read access to each of the clients, correct? If the clients push to > the backup server instead, their access on the server can be > restricted to the backup directory.
Yes, but with push you have to secure each machine whereas with pull backups it's only the server to secure. And you'd still need to grant access to the server from the clients, which could be escalated. With backuppc, the server does not need to be accessible from the Internet at all, all requests are outgoing. If the server machine serves other purposes and needs to be net-accessible, run the backup server in a chroot or VM. -- Neil Bothwick Religious error: (A)tone, (R)epent, (I)mmolate?
signature.asc
Description: PGP signature
