What exactly is the nature of the security risk in using a sudo script for
users to recover files with Amanda. On previous systems we had the Legato
Networker package for file recovery and it had a set of user tools that
seemed to check the owner, group and file permissions and compare with the
user's permissions to determine whether the user had permission to backup
the file. I assume the security issue is that Amanda is not storing the
file permissions so recovery is possible for any file on any system from
the server. Are any file attributes (permissions, owner, and/or group,
file location, etc) stored in the archives generated by Amanda? If so,
then there may be a hope of putting a script together...
Cheers,
Randall
On Thu, 12 Apr 2001, John R. Jackson wrote:
> Date: Thu, 12 Apr 2001 12:37:50 -0500
> From: John R. Jackson <[EMAIL PROTECTED]>
> Reply-To: [EMAIL PROTECTED]
> To: Randall Skelton <[EMAIL PROTECTED]>
> Cc: [EMAIL PROTECTED]
> Subject: Re: General Questions
>
> >What I really would like to do is have an easy to maintain client-server
> >system ...
>
> So far, Amanda will do everything you've mentioned quite nicely.
>
> >whereby normal users of the system can recover their own 'lost'
> >files. ...
>
> But it won't do this. There are a lot of security issues Amanda has
> never addressed that make this very difficult.
>
> >Randall
>
> John R. Jackson, Technical Software Specialist, [EMAIL PROTECTED]
>
