I have no problem creating backups, just restoring them..... But please, can someone then tell me what is the best way to do it, i am very confused now... if someone can post an example localhost.pl file i can learn from i would greatly appreciate it...
Thanks for all the input... And everyone have a super day! Rob Morin Director of Technologies Dido Internet Inc. Montreal,Canada http://www.dido.ca 514-990-4444 Rob Owens wrote: > Holger Parplies wrote: > >> Hi, >> >> Rob Morin wrote on 18.10.2007 at 08:15:47 [[BackupPC-users] A tar restore >> issue, does not work on localhost]: >> >>> So i found this post , i forget where that mentioned to use a tarCreat >>> file via sudo to do localhost backups... that works fine but restoring >>> does not work, any help appreciated.... All other servers vis rsync >>> work just fine.... >>> >> let me put into a question what I gather from your post you might be asking: >> >> "I'm doing local backups with XferMethod tar via sudo and a helper script. >> What do I need to observe when doing restores?" >> >> Well, first of all, you'll also need to use sudo. If the backuppc user >> doesn't have sufficient permissions for *reading* the files for backup, he >> almost definitely won't have sufficient permissions for *writing* them on >> restore. >> >> Second, such helper scripts are a very real security risk. There's just >> about no advantage, and it's easy to get things wrong. If the backuppc user >> has *write access* to the script, he (or rather an intruder gaining backuppc >> user priviledges) has immediate full root access to the system, simply by >> putting anything he wants into that script and executing it with 'sudo'. >> Even worse, *any other user* with write access to the script (by local or >> remote means) can alter it and simply wait for a scheduled backup to be run, >> thus executing his commands. With such a script, you *really* need to make >> sure that *only root* has write access to it. Even worse, you need to ensure >> that command injection is impossible (which it probably isn't). Otherwise an >> attacker does not even need write access to the script in order to abuse it. >> >> > > Doesn't this security risk exist regardless of helper scripts? The > backuppc user has write access to the pool, so can change/insert > anything there. Then as long as the host machines are set up to accept > restores from the backuppc server, those modified/new files can be > uploaded. Is there any way to protect against this? > > -Rob > > ------------------------------------------------------------------------- > This SF.net email is sponsored by: Splunk Inc. > Still grepping through log files to find problems? Stop. > Now Search log events and configuration files using AJAX and a browser. > Download your FREE copy of Splunk now >> http://get.splunk.com/ > _______________________________________________ > BackupPC-users mailing list > BackupPC-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/backuppc-users > http://backuppc.sourceforge.net/ > ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ BackupPC-users mailing list BackupPC-users@lists.sourceforge.net List: https://lists.sourceforge.net/lists/listinfo/backuppc-users Wiki: http://backuppc.wiki.sourceforge.net Project: http://backuppc.sourceforge.net/
