2008/9/25 Holger Parplies <[EMAIL PROTECTED]>: > Hi, > > Alan McKay wrote on 2008-09-25 07:55:55 -0400 [Re: [BackupPC-users] possible > to schedule unattended backups with backuppc?]: >> [...] >> That's one way. There are several others. If I'm not mistaken you >> only need the key exchange if you want encrypted backup transport. I >> just use rsyncd because I don't care about encrypting the stream. No >> key exchange required. > > that is true, but the fact remains that if you want unattended remote backups, > you need a method that gets you unattended remote access to the data to be > backed up. There is simply no way around that. > > It is not true, however, that the *web server* needs that access. The web > server just initiates a backup or restore operation, much the same way that > a web server initiates booking of a flight, for example. If you can hack a web > server, you may well be able to fly for free - depending on what other > security measures are in place. It is no different with BackupPC. If you don't > want web-based unattended restores, because that is too dangerous for your > situation, don't enable them. You might even be able to prevent web based > access to the backed up data while retaining web based control of the BackupPC > server by preventing the web server from accessing the pool - I haven't tried > that. > > It's really simple. If you don't want something to be hacked, don't expose it > to the internet [or rather: potential "hackers"]. If you want (or need) the > luxury of accessing something from variable locations, bad guys may be able > to obtain the same access. If you do things wrong, bad guys can obtain more > access than you realize you ever had. > > But all of that is only potentially relevant to the original question (and not > at all to BackupPC, if you ask me), because there *was no original question* > not sufficiently answered on http://backuppc.sourceforge.net/info.html (that's > the "Info" link on BackupPC's homepage - http://backuppc.sourceforge.net if > anyone was wondering). You can't read the documentation to someone on a > mailing > list, because it's text based. The reading needs to be done by the person > wanting the information anyway, and it's more efficient for all involved if he > simply picks what he is interested in from the readily available > documentation.
You put me to shame Holger. Thank you for your reply. /juan ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ BackupPC-users mailing list [email protected] List: https://lists.sourceforge.net/lists/listinfo/backuppc-users Wiki: http://backuppc.wiki.sourceforge.net Project: http://backuppc.sourceforge.net/
