On Wed, 2005-08-17 at 08:03 +0100, Keith Edmunds wrote:
> Charles Duffy wrote:
> > Hmm. See, my concern is protecting inappropriate files on host from
> > being accessed. Perhaps I'll want to use a different security layer in
> > addition to application-based measures.
>
> Charles, I know that you are against each server having its own username
> on the backup server, but that is _exactly_ what having individual
> server accounts will give you. That's how I implement backups, albeit
> for fewer servers than you have, and it works very well. You could spend
> a lot of time trying to find the ideal solution...

Keith,

Your concern is appreciated, but I *have* a solution that seems to work well for me, without the overhead of (potentially) thousands of accounts and with the additional benefit of eliminating SSH overhead (which is redundant w/ the VPN I run).

The only issue I have is that it requires that the server have a patched copy of rdiff-backup. I consider this a reasonable requirement -- but would like to see my patch vetted and pushed upstream rather than remaining a local modification only.

With regard to additional, lower-level measures, an LD_PRELOAD that vets file accesses to make sure they're happening within approved paths is still less administrative overhead than would be involved in having remote-server:local-account parity.

_______________________________________________
rdiff-backup-users mailing list at [email protected]
http://lists.nongnu.org/mailman/listinfo/rdiff-backup-users
Wiki URL: http://rdiff-backup.solutionsfirst.com.au/index.php/RdiffBackupWiki
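
The path check that an LD_PRELOAD layer of the kind mentioned in the message would have to run, as an added example that is not code from the post or from rdiff-backup. `path_is_approved`, the `APPROVED_ROOT` variable and the `BUILD_PRELOAD` switch are hypothetical names; it assumes a single approved root and hooks only `open()`, so `open64`, `openat`, `fopen` and the rest would need the same wrapper.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE            /* for RTLD_NEXT */
#endif
#include <dlfcn.h>
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdarg.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>

/* 1 if `path` resolves to `root` or below it, else 0. Both sides are
 * canonicalized, so "..", symlinks and look-alike prefixes are caught. */
int path_is_approved(const char *path, const char *root)
{
    char rr[PATH_MAX], rp[PATH_MAX], dir[PATH_MAX];
    struct stat st;
    if (!path || !root || !realpath(root, rr))
        return 0;
    if (!realpath(path, rp)) {
        /* File not there yet: vet its parent; a dangling symlink is refused. */
        if (errno != ENOENT || lstat(path, &st) == 0 || strlen(path) >= sizeof dir)
            return 0;
        strcpy(dir, path);
        char *slash = strrchr(dir, '/');
        if (!slash) strcpy(dir, ".");          /* bare name: parent is cwd */
        else if (slash == dir) dir[1] = '\0';  /* "/name": parent is "/"   */
        else *slash = '\0';
        if (!realpath(dir, rp)) return 0;
    }
    size_t n = strlen(rr);
    if (n == 1) return 1;                      /* root is "/" */
    return strncmp(rp, rr, n) == 0 && (rp[n] == '\0' || rp[n] == '/');
}

#ifdef BUILD_PRELOAD  /* cc -DBUILD_PRELOAD -shared -fPIC shim.c -o shim.so -ldl */
int open(const char *path, int flags, ...)
{
    static int (*real_open)(const char *, int, ...);
    mode_t mode = 0;
    if (flags & O_CREAT) { va_list ap; va_start(ap, flags); mode = va_arg(ap, int); va_end(ap); }
    if (!real_open) real_open = dlsym(RTLD_NEXT, "open");
    const char *root = getenv("APPROVED_ROOT");
    if (!root || !path_is_approved(path, root)) { errno = EACCES; return -1; }
    return real_open(path, flags, mode);
}
#endif
```

An LD_PRELOAD hook only sees dynamically linked calls to the symbols it wraps, and the check runs before the open rather than atomically with it, so it fits as a supplementary layer of the kind the message describes.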
