* Kern Sibbald schrieb am 26.05.10 um 22:37 Uhr: > On Wednesday 26 May 2010 16:43:34 Marc Schiffbauer wrote: > > Hi all, > > > > as referring to bug #1532 bacula by default installs the bacula > > administration GUI with permissions so that only root can execute > > it. > > > > Why? > > > > I do not see any reason why I should not use bat as normal user (or > > bconsole). > > > > For example I always used to use "bat -c ~/.bacula/bat.conf" to run > > bat as normal user from my workstation to control the bacula-dir > > running on the backup server. > > > > This is always more secure than running the whole app as user root. > > We try to install Bacula by default in a reasonably secure way. Since bat by > default can get to *all* files, it is not appropriate for us to allow all > users to access it.
Well, if this really was true, that would be a big security hole, because any user can compile his own version of bat and use that. In fact bat can only get to *all* files if it can read the correct config... So a user needs read access to /etc/bacula/bat.conf explicitly or has to create his own correct config file in order to being able to connect to the director. I really care for security, too. And restricting access to the config files is very important and good. But in my opinion restricting execute permission of bat and its libs will not add any security. It just adds annoyance for "good" users while not adding any security against "bad" users. > > If you need it executable from a user account (I do), then it is up to you to > modify the permissions. The extra time it takes you to make the change is > trivial, in my opinion, to the potential damage that could be done by > installing it open by default. What damage? If a normal user calls bat, he just gets a "Permission denied to access /etc/bacula/bat.conf" (or similar). Its not a problem to change permissions afterwards, right. But OTOH I am not aware of any single program that requires this kind of action in order to be usable. If you really care for which users can execute bat then bat should check itself that it is called by a user which is member of a specific system-group for example. -Marc -- 8AAC 5F46 83B4 DB70 8317 3723 296C 6CCA 35A6 4134 ------------------------------------------------------------------------------ _______________________________________________ Bacula-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/bacula-devel
