Bacula is designed with as much security in mind as I knew/know about. Perhaps you haven't yet had the time to read the manual, but aside from not letting a "user" get access to the Director, you can encrypt all the communications, you can also run the FD in backup only mode, and restart it in read/write mode if you want to restore something. There are many other things you can do as well.
In most cases, it is easier to get root access to a Linux system than it is to exploit a properly configured Bacula, especially if you are running a web server on your machine. If a user has root access he doesn't need Bacula to get what he wants. If you have some specific suggestions for improving Bacula's security (and I suspect there are many things to do, some of which I am implementing now), I suggest you mention them. Kern On 09/06/2013 08:18 PM, stefano scotti wrote: > 2013/9/6, Kern Sibbald <k...@sibbald.com>: >> Hello, >> >> The only security issue is that a "user" should not have access >> to the Bacula Director. Only qualified sys admins should have >> such access. >> >> Best regards, >> Kern >> >> > That's not true. > > There are other security issues related to the fact that TCP bacula > stream could be altered by malicious attackers using one or more of > the network attacks known today (and they are a lot). > > The problem here is that bacula on client machines has more permission > than it needs, and this vulnerability could be exploited even if the > attacker is not able to exploit the bacula server system. This is a > fact. > > And even if it wasn't like that, let's suppose (a false thing) that > the attack could start only by exploting the bacula server machine. > Can you please tell me why an exploted system has to have freely > access to the keys which could exploit every system of its network? > Is it right to considering Bacula the centralized point of security of > an entire network system? what if it fails? > > Accountability and access control are main security matters, and > currently Bacula isn't implementing them very well on this specific > question. > > We shouldn't justify the current architecture just because it is > easier to maintain it in the way it is. > I'm not saying that designing some sort of criteria which limits > bacula permissions is an easy task, we everybody know that security > itself is not an easy task. > > But i'm sure of a thing, it could be done, and it could be done well > if somebody focuses in that. > I'm sure of another thing, it will never be better if everybody will > keep saying that nothing can be done about it. > > I hope bacula's designer will take care of that, because it IS an issue. > > Meanwhile your should, at least, worry about your bacula server and > your network hardening , because you really need it. > > I suggest you the use of VPN tunnels. > > ------------------------------------------------------------------------------ > Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more! > Discover the easy way to master current and previous Microsoft technologies > and advance your career. Get an incredible 1,500+ hours of step-by-step > tutorial videos with LearnDevNow. Subscribe today and save! > http://pubads.g.doubleclick.net/gampad/clk?id=58041391&iu=/4140/ostg.clktrk > _______________________________________________ > Bacula-devel mailing list > Bacula-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bacula-devel > ------------------------------------------------------------------------------ Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more! Discover the easy way to master current and previous Microsoft technologies and advance your career. Get an incredible 1,500+ hours of step-by-step tutorial videos with LearnDevNow. Subscribe today and save! http://pubads.g.doubleclick.net/gampad/clk?id=58041391&iu=/4140/ostg.clktrk _______________________________________________ Bacula-devel mailing list Bacula-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-devel
