Paul, thank you for your answer! Paul Bijnens schrieb: > > On 2007-11-02 14:45, Philipp Geschke wrote: >> >> I want to set up amanda in an unsecure multiuser environment. >> I want every user (maschine) to have access to their own backup only. >> But what happens right now is, as soon as a host is authenticated, it >> needs only to know the configurations name and the name of the host he >> wants the backup from, and it can access what ever it wants using the >> sethost command in amrecover (eg. amrecover -C test >> sethost >> test.testdomain.local). >> >> So, basically my question comes down to this: >> Does amanda support something like an acl to limit one host to one >> backup instead of opening all backups to any host that is allowed to >> connect to the index and tapeserver? > > > What I would do is to edit the .amandahost on the server > and do not allow any host to restore anything. And when someone needs > to restore something, then temporarily add an entry for that host. > And tell the user that you will monitor his restore actions (you > can find those in the amanda-debug dir on the server). > When finished, disallow access again, by editing the .amandahosts > file on the server. > > Not perfect, but you wouldn't expect to automate security in a > non-secure environment, do you? > >
Nah, I wouldn't. I was just wondering if there's really no kind of security for the backups as soon as your host is generally allowed to connect to amindexd and amidxtaped, because I see the need also for a secure environment. I can't see a company with a closed private network want the small post office guy to restore the CEO's /home backup on his machine. Your suggestions is an option that's worth considering, as a couple others are that I came up with already, but unfortunately I'm kinda looking for the 100 percent solution. Cheers, Philipp
