Rich Rauenzahn wrote: > > > Joe Krahn wrote: >> (Maybe this should be posted to -devel?) >> Unrestricted remote root access by a non-root user is generally not a >> secure design. There are many ways to restrict the access to backup >> > > This seems like a good chance to explain how I handle the rsync security > -- I prefer it over the sudo method and did not like the idea of a > remote ssh root login. > > For remote backups, I setup a nonpriv account that I configure for > password-less login from the backup server. I then setup rsyncd to > listen only on localhost on the remote host. I also set an > rsyncd.secrets file and configure the rsyncd.conf shares to be read-only. > To backup, I create a tunnel using the password-less login and then > backup over the tunnel. For local backups, you obviously don't need the > tunnel -- just connect to localhost. > > Rich There are several secure ways to set up a read-only backup system, but that loses the convenience of browsing and restoring files via the web interface. But, users can still directly download files or tar archives, so it is a reasonable approach, and probably the right thing to do for now.
Joe ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ BackupPC-users mailing list [email protected] List: https://lists.sourceforge.net/lists/listinfo/backuppc-users Wiki: http://backuppc.wiki.sourceforge.net Project: http://backuppc.sourceforge.net/
