On Thursday 09 August 2007 23:19, Mateusz Ezlakowski wrote: > Hi! > we are trying to set up bacula at our office. The only concern is that > even the administrator who will be responsible for the backups is not > supposed to have access to some important files. Is it possible to set up > bacula, so the administrator can do backups and manage everything, however > he would need to get a password from the computer owner to restore his > files? > I would appreciate any answers,
It may be possible, but I think it is a *very* bad idea. It means that the administrator at some point will have a lot of private passwords, and that is a serious breach of security. Generally, a Unix administrator has root permission, which means that he can do anything to any of the files on the system, and even though he can login as any particular user, he does not have access to their password. If you do not fully trust your administrator, create a set of Verify jobs that verify the critical files on each of the user's machines, and set this up on a machine where the administrator does not have access under the control of a second person. That person could then detect any change to important system files (this is typically something a bank might want) and code thus "check" the administrator or detect any serious virus or Trojan. Regards, Kern ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Bacula-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/bacula-devel
