One of my student workers - who happens to be setting up Amanda, recently came to me with a concern about how the backup/restore process handles soft links. I suspect that this is a non-issue in that Amanda has already figured out a way to deal with this, but just in case...
Let's say a user creates a soft link in their home directory that points to /usr/bin, eg: lrwxrwxrwx 1 cbarnes barnes 15 July 1 13:35 mybin -> /usr/bin/ Then the backups of the home are run. Then the user removes the softlink and creates a real directory with that same name. drwxr-xr-x 2 cbarnes barnes 4096 Aug 18 17:23 mybin and then puts a modified program into that directory: drwxr-xr-x 2 cbarnes barnes 4096 Aug 18 17:23 ./ drwxr-xr-x 13 cbarnes cbarnes 4096 Aug 25 17:31 ../ -r-s--x--x 1 cbarnes barnes 7667 Aug 18 17:26 passwd* and backups are run again. The concern is that when a restore is run, the softlink to the /usr/bin directory will be recreated, then the file will be restored into that directory, overwriting the file that is supposed to be there (ie. creating a security issue). 1) Is this possible, or does Amanada already do something to prevent this? 2) If it is possbile, are there any security considerations we need to take into consideration when running backups or restore jobs? -- + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Chris Barnes AOL IM: CNBarnes [EMAIL PROTECTED] Yahoo IM: chrisnbarnes Computer Systems Manager ph: 979-845-7801 Department of Physics fax: 979-845-2590 Texas A&M University
