Hi, I was planning to use Bacula to backup the portable computers in the network. Every time they are in the office, they get backed up. What bothers me is the security implications of this service. The document: http://www.bacula.org/rel-manual/Bacula_Security_Issues.html describes some of the issues, but I was wondering if anyone can shed some more light on this setup.
[quote] You should restrict access to the Bacula configuration files, so that the passwords are not world-readable. The Bacula daemons are password protected using CRAM-MD5 (i.e. the password is not sent across the network). This will ensure that not everyone can access the daemons. It is a reasonably good protection, but can be cracked by experts. [/quote] This is somewhat good, but the "reasonably good" words scares me a bit. [quote] The Clients (bacula-fd) must run as root to be able to access all the system files. [/quote] This one scares me the most. It would be possible for an intruder to gain root access if able to exploit the FD. Is it possible to "push" a request for backup to the Director, once connected to the office network? Kind of like an environmental aware FD-client. Magne ------------------------------------------------------- SF.Net email is sponsored by: Tame your development challenges with Apache's Geronimo App Server. Download it for free - -and be entered to win a 42" plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php _______________________________________________ Bacula-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/bacula-users
