hi! thank you for this information, but this is not my problem. security for these backup-pc hosts is not so critical, because they are only visible in a dedicated backup LAN. but when archiving will work now and the beta-phase testing backupPC gets finished, I'll make it more secure.
kind regards markus fröhlich Am 22.09.2011 20:38, schrieb Jeffrey J. Kosowsky: > Markus Fröhlich wrote at about 18:43:01 +0200 on Thursday, September 22, 2011: > > backupPC processes run as user "wwwrun" - this is the apache user - > > because of the permissions making the configuration over the > webinterface. > > the archive request get startet over a cronjob and a small skript once a > > week: > > "sudo -u wwwrun /usr/local/BackupPC/bin/BackupPC_archiveStart > > archive-tape xadmin $XALL_HOSTS" > > where the variable XALL_HOSTS contain all hosts of the backupPC server. > > > > As has been pointed out several times before on the list, making > backuppc run as the apache user is potentially a HUGE security hole > since it may end up allowing anybody to have permission to read any of > the backups... > Backuppc should be run as a *separate*, secure user. > > ------------------------------------------------------------------------------ > All the data continuously generated in your IT infrastructure contains a > definitive record of customers, application performance, security > threats, fraudulent activity and more. Splunk takes this data and makes > sense of it. Business sense. IT sense. Common sense. > http://p.sf.net/sfu/splunk-d2dcopy1 > _______________________________________________ > BackupPC-users mailing list > [email protected] > List: https://lists.sourceforge.net/lists/listinfo/backuppc-users > Wiki: http://backuppc.wiki.sourceforge.net > Project: http://backuppc.sourceforge.net/ > -- Mit freundlichen Grüssen Markus Fröhlich Techniker ________________________________________________________ Xidras GmbH Stockern 47 3744 Stockern Austria Tel: +43 (0) 2983 201 30503 Fax: +43 (0) 2983 201 305039 Email: [email protected] Web: http://www.xidras.com FN 317036 f | Landesgericht Krems | ATU64485024 ________________________________________________________________________________ VERTRAULICHE INFORMATIONEN! Diese eMail enthält vertrauliche Informationen und ist nur für den berechtigten Empfänger bestimmt. Wenn diese eMail nicht für Sie bestimmt ist, bitten wir Sie, diese eMail an uns zurückzusenden und anschließend auf Ihrem Computer und Mail-Server zu löschen. Solche eMails und Anlagen dürfen Sie weder nutzen, noch verarbeiten oder Dritten zugänglich machen, gleich in welcher Form. Wir danken für Ihre Kooperation! CONFIDENTIAL! This email contains confidential information and is intended for the authorised recipient only. If you are not an authorised recipient, please return the email to us and then delete it from your computer and mail-server. You may neither use nor edit any such emails including attachments, nor make them accessible to third parties in any manner whatsoever. Thank you for your cooperation ________________________________________________________________________________ ------------------------------------------------------------------------------ All of the data generated in your IT infrastructure is seriously valuable. Why? It contains a definitive record of application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-d2dcopy2 _______________________________________________ BackupPC-users mailing list [email protected] List: https://lists.sourceforge.net/lists/listinfo/backuppc-users Wiki: http://backuppc.wiki.sourceforge.net Project: http://backuppc.sourceforge.net/
