On Fri, Aug 04, 2006 at 07:03:39AM -0400, Gene Heskett enlightened us:
> This is a frequent problem when using a 'packaged' version of amanda.  The 
> rpm packagers in particular have demonstrated many times that they do not 
> understand how amanda treats security issues.  Amanda's build gives it 
> enough perms to do the instant job each piece needs to do, and no more.  
> This is why, when potential users run into these sort of problems, that we 
> universally recommend that it be built from the tarball, following 
> amanda's instructions so that the amanda build and install can be done 
> correctly.

Not to get off topic, and no offense Gene, but that second sentence is
entirely inaccurate. There are several problems with Amanda RPMs which
require compromises be made, but not understanding security and how amanda
works is definitely *not* one of them. What some of the problems are include:

- Inability to know the hostname of the amanda server (or any server for
  that matter) on the clients network. Since amanda requires these at build
  time, the only logical compromise is to use localhost

- Inability to know what user the software will be built as (if rebuilding
  a source RPM). There are RPM mechanisms in place that fix that, though not
  pretty, which set ownership to the appropriate user and permissions. I
  would argue that the fact these are in there (at least in the
  RedHat-produced RPMs) counter your point about not understanding the
  security needs. 

As always, I consider http://www.math.ohiou.edu/~hyclak/casit/amanda/ a
worthwhile read for anyone using an RPM-based system, and recommend that
users of Amanda rebuild SRPMs for their environment. Jay has made it easier
with the latest Fedora Development RPMs to do that in the future.


Matt Hyclak
Department of Mathematics 
Department of Social Work
Ohio University
(740) 593-1263

Reply via email to