On Tue, Jul 03, 2001 at 01:26:08PM +0300, Ben-Nes Michael wrote:
> Hi All
>
> I want to backup my servers files using tar from a central Location.
> To do this im using ssh with RSAauth to log from my backup server to all the
> other servers.
>
> I log using ordinary user to be on the safer side but then I can't read some
> directories ( for instance: /var/spool/croon - rwx______ )
> I thought of few options:
>
> 1. adding the ordinary user to root Group
> 2. add access to some directive like chgrp or chmod
> 3. tar as root - I don't like this option
>
> What is the list suggestions ?
It seems to me that the first and second options can cause or hide more
security risks than the third. Why not just tar as root?
If what you are worried about is root accessing the network, you could
write a script that creates the tar file as root, and then drops
priveleges for the actual transmission.
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
