subject:"\[BackupPC\-users\] BackupPC 4.2.0 released"

Re: [BackupPC-users] BackupPC 4.2.0 released

2018-05-05 Thread Craig Barratt via BackupPC-users

As usual, Holger makes some very good points.  I just pushed some additional
changes
<https://github.com/backuppc/backuppc/commit/953a5cb976a76ca3175c984cd84e9bbe070ee241>
so that CgiUserDeleteBackupEnable can be set to a negative value to disable
the backup delete feature for everyone, including admins.

Craig

On Thu, May 3, 2018 at 3:48 PM, Holger Parplies  wrote:

> Hi,
>
> Steve Palm wrote on 2018-05-03 09:55:38 -0500 [Re: [BackupPC-users]
> BackupPC 4.2.0 released]:
> > I think that would cover it here, as you said, if you give someone Admin
> > rights, then they can alter any other settings. Only a
> > compile-build-install-time option to totally remove it would eliminate
> this
> > possibility.
>
> well, not really. If you can change the host settings, you can probably
> change
> backup expiry to keep only one or two backups, change the data set to only
> include /tmp, for example, and then manually force one or two backups. It's
> not as fast and easy as a "maliciously delete all backups" button, but if
> we're talking about security, it doesn't have to be easy, just possible.
> With root access to the BackupPC server, it's just a matter of 'rm -r',
> really. If you give someone 'Admin' capabilities (for whatever definition
> may be applicable), he can administratively break things. There is really
> no way to tell a computer to let someone only do constructive things.
> 'gzip /etc/passwd' is a good thing, right? ;-)
>
> For the 'home use' type scenario (as in "backup *PC*"), where people "own"
> machines they backup and restore as they like, there may be some merit in
> allowing them to delete backups on their own.
>
> For the 'office' type scenario (as in "*Backup* pc"), I would expect an IT
> department (or some member(s) of it) to be responsible for backups, and
> *nobody* else to have any access to them. The access control mechanism in
> BackupPC is just not fine-grained enough - if you can see any data within a
> backup, you can see all of it. In this scenario, you probably won't ever
> manually delete backups, and if you do, you'll do it through shell access
> to the BackupPC server from the command line. So you'll have a gratuitious
> "shoot myself in the foot" button in the web interface, nothing more.
>
> There will always be people who use BackupPC somewhere in between those
> scenarios, so yes, why not give them the option of deleting backups through
> the web interface?
>
> > It is a great feature to have, especially with some restrictions on
> > availability. Thanks!
> >
> > > On Apr 21, 2018, at 7:43 PM, Craig Barratt via BackupPC-users <
> backuppc-users@lists.sourceforge.net> wrote:
> > >
> > > I just pushed some changes [...] that add a new config variable
> > > CgiUserDeleteBackupEnable (default off) which sets whether users can
> > > delete backups via the CGI interface.
>
> I agree that this makes sense (both the option and the default).
>
> > >  Admins always have the delete feature enabled.
>
> Absurdly, I'd suggest to always *dis*able the feature for admins. Well, no,
> that doesn't make much sense, either. But it's so easy - even for admins -
> to press the wrong button (just imagine an unresponsive browser or X
> server)
> and then answer the confirmation dialog the wrong way. If a site has the
> policy (or maybe even legal requirement) "we *never* manually delete
> backups",
> they should be able to prevent this from happening accidentally (or
> maliciously, if you prefer).
>
> In fact, it's possible to disable direct restores, which can do great harm,
> so I'd argue it should be possible to disable backup deletion, too.
>
> Disclaimer: no, I haven't looked at the new version or its web interface,
> so
> reality might be less problematic than the theory sounds. But even if it's
> hard to shoot yourself in the foot, someone will manage ;-).
>
> > > On Fri, Apr 20, 2018 at 11:05 AM, Craig Barratt <
> cbarr...@users.sourceforge.net <mailto:cbarr...@users.sourceforge.net>>
> wrote:
> > > [...]
> > > How about I add a configuration setting that has three values -
> completely
> > > off, admin only, or any user?  The default setting could be admin only.
>
> I would prefer that implementation. Personally, I'd make the default
> setting
> "completely off", though I trust people really *wanting* that setting could
> easily enough change it, if the default were different. In a way, the
> default
> setting seems to be a recommendatio

Re: [BackupPC-users] BackupPC 4.2.0 released

2018-05-03 Thread Holger Parplies

Hi,

Steve Palm wrote on 2018-05-03 09:55:38 -0500 [Re: [BackupPC-users] BackupPC 
4.2.0 released]:
> I think that would cover it here, as you said, if you give someone Admin
> rights, then they can alter any other settings. Only a
> compile-build-install-time option to totally remove it would eliminate this
> possibility.

well, not really. If you can change the host settings, you can probably change
backup expiry to keep only one or two backups, change the data set to only
include /tmp, for example, and then manually force one or two backups. It's
not as fast and easy as a "maliciously delete all backups" button, but if
we're talking about security, it doesn't have to be easy, just possible.
With root access to the BackupPC server, it's just a matter of 'rm -r',
really. If you give someone 'Admin' capabilities (for whatever definition
may be applicable), he can administratively break things. There is really
no way to tell a computer to let someone only do constructive things.
'gzip /etc/passwd' is a good thing, right? ;-)

For the 'home use' type scenario (as in "backup *PC*"), where people "own"
machines they backup and restore as they like, there may be some merit in
allowing them to delete backups on their own.

For the 'office' type scenario (as in "*Backup* pc"), I would expect an IT
department (or some member(s) of it) to be responsible for backups, and
*nobody* else to have any access to them. The access control mechanism in
BackupPC is just not fine-grained enough - if you can see any data within a
backup, you can see all of it. In this scenario, you probably won't ever
manually delete backups, and if you do, you'll do it through shell access
to the BackupPC server from the command line. So you'll have a gratuitious
"shoot myself in the foot" button in the web interface, nothing more.

There will always be people who use BackupPC somewhere in between those
scenarios, so yes, why not give them the option of deleting backups through
the web interface?

> It is a great feature to have, especially with some restrictions on
> availability. Thanks!
> 
> > On Apr 21, 2018, at 7:43 PM, Craig Barratt via BackupPC-users 
> >  wrote:
> > 
> > I just pushed some changes [...] that add a new config variable
> > CgiUserDeleteBackupEnable (default off) which sets whether users can
> > delete backups via the CGI interface.

I agree that this makes sense (both the option and the default).

> >  Admins always have the delete feature enabled.

Absurdly, I'd suggest to always *dis*able the feature for admins. Well, no,
that doesn't make much sense, either. But it's so easy - even for admins -
to press the wrong button (just imagine an unresponsive browser or X server)
and then answer the confirmation dialog the wrong way. If a site has the
policy (or maybe even legal requirement) "we *never* manually delete backups",
they should be able to prevent this from happening accidentally (or
maliciously, if you prefer).

In fact, it's possible to disable direct restores, which can do great harm,
so I'd argue it should be possible to disable backup deletion, too.

Disclaimer: no, I haven't looked at the new version or its web interface, so
reality might be less problematic than the theory sounds. But even if it's
hard to shoot yourself in the foot, someone will manage ;-).

> > On Fri, Apr 20, 2018 at 11:05 AM, Craig Barratt 
> > mailto:cbarr...@users.sourceforge.net>> 
> > wrote:
> > [...]
> > How about I add a configuration setting that has three values - completely
> > off, admin only, or any user?  The default setting could be admin only.

I would prefer that implementation. Personally, I'd make the default setting
"completely off", though I trust people really *wanting* that setting could
easily enough change it, if the default were different. In a way, the default
setting seems to be a recommendation. Is manually deleting backups that are
no longer needed something the average BackupPC admin should do, or was it
added for the sake of being able to easily fix commonly made mistakes without
creating more problems along the way?

Regards,
Holger

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/

Re: [BackupPC-users] BackupPC 4.2.0 released

2018-05-03 Thread Steve Palm

I think that would cover it here, as you said, if you give someone Admin 
rights, then they can alter any other settings. Only a 
compile-build-install-time option to totally remove it would eliminate this 
possibility.

It is a great feature to have, especially with some restrictions on 
availability. Thanks!

> On Apr 21, 2018, at 7:43 PM, Craig Barratt via BackupPC-users 
>  wrote:
> 
> I just pushed some changes 
> 
>  that add a new config variable CgiUserDeleteBackupEnable (default off) which 
> sets whether users can delete backups via the CGI interface.  Admins always 
> have the delete feature enabled.
> 
> Craig
> 
> On Fri, Apr 20, 2018 at 11:05 AM, Craig Barratt 
> mailto:cbarr...@users.sourceforge.net>> 
> wrote:
> This is a very good point.
> 
> How about I add a configuration setting that has three values - completely 
> off, admin only, or any user?  The default setting could be admin only.
> 
> However, if it's turned off, any admin could change that setting back to 
> admin only.
> 
> Craig
> 
> On Monday, April 16, 2018, Steve Palm  > wrote:
> 
> On Apr 16, 2018, at 7:47 AM, Ghislain Adnet  > wrote:
> > Le 15/04/2018 à 01:10, Craig Barratt via BackupPC-users a écrit :
> >> BackupPC 4.2.0  >> > has been 
> >> released on Github.
> >> The changes since4.1.5 
> >>  >> >are listed 
> >> below.  The biggest change is a new feature in the web interface written 
> >> by @moisseev that allows prior backups to be deleted.
> > 
> > ohhh this is a very bad idea... Having a way to remove backup in the web 
> > interface  sounds cool but when a bad apple employee comes and destroy all 
> > the backups because he is angry this is a real issue. Same if account is 
> > comprimised
>  .
>  .
>  .
> >  is there a way to remove the feature so its not even loaded in the code 
> > (not just limited by the login/pass used) ?
> 
>  I didn't see where it was even configurable by user/login/etc...  If it is, 
> please post, and also a global "shutoff" would be great. Maybe a 
> compile/install option to not even include it as requested above, although 
> for our use case I don't think we need to go that far, hope I'm not ever 
> proven wrong on that. :)
> 
>  Thanks!
>  Steve
> 
> 
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot 
> 
> ___
> BackupPC-users mailing list
> BackupPC-users@lists.sourceforge.net 
> 
> List:https://lists.sourceforge.net/lists/listinfo/backuppc-users 
> 
> Wiki:http://backuppc.wiki.sourceforge.net 
> 
> Project: http://backuppc.sourceforge.net/ 
> 
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! 
> http://sdm.link/slashdot___
> BackupPC-users mailing list
> BackupPC-users@lists.sourceforge.net
> List:https://lists.sourceforge.net/lists/listinfo/backuppc-users
> Wiki:http://backuppc.wiki.sourceforge.net
> Project: http://backuppc.sourceforge.net/

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/

Re: [BackupPC-users] BackupPC 4.2.0 released

2018-04-21 Thread Craig Barratt via BackupPC-users

I just pushed some changes

that add a new config variable CgiUserDeleteBackupEnable (default off)
which sets whether users can delete backups via the CGI interface.  Admins
always have the delete feature enabled.

Craig

On Fri, Apr 20, 2018 at 11:05 AM, Craig Barratt <
cbarr...@users.sourceforge.net> wrote:

> This is a very good point.
>
> How about I add a configuration setting that has three values - completely
> off, admin only, or any user?  The default setting could be admin only.
>
> However, if it's turned off, any admin could change that setting back to
> admin only.
>
> Craig
>
> On Monday, April 16, 2018, Steve Palm  wrote:
>
>>
>> On Apr 16, 2018, at 7:47 AM, Ghislain Adnet  wrote:
>> > Le 15/04/2018 à 01:10, Craig Barratt via BackupPC-users a écrit :
>> >> BackupPC 4.2.0 > ackuppc/releases/tag/4.2.0> has been released on Github.
>> >> The changes since4.1.5 > ackuppc/releases/tag/4.1.5>are listed below.  The biggest change is a
>> new feature in the web interface written by @moisseev that allows prior
>> backups to be deleted.
>> >
>> > ohhh this is a very bad idea... Having a way to remove backup in the
>> web interface  sounds cool but when a bad apple employee comes and destroy
>> all the backups because he is angry this is a real issue. Same if account
>> is comprimised
>>  .
>>  .
>>  .
>> >  is there a way to remove the feature so its not even loaded in the
>> code (not just limited by the login/pass used) ?
>>
>>  I didn't see where it was even configurable by user/login/etc...  If it
>> is, please post, and also a global "shutoff" would be great. Maybe a
>> compile/install option to not even include it as requested above, although
>> for our use case I don't think we need to go that far, hope I'm not ever
>> proven wrong on that. :)
>>
>>  Thanks!
>>  Steve
>>
>>
>> 
>> --
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>> ___
>> BackupPC-users mailing list
>> BackupPC-users@lists.sourceforge.net
>> List:https://lists.sourceforge.net/lists/listinfo/backuppc-users
>> Wiki:http://backuppc.wiki.sourceforge.net
>> Project: http://backuppc.sourceforge.net/
>>
>
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/

Re: [BackupPC-users] BackupPC 4.2.0 released

2018-04-20 Thread Craig Barratt via BackupPC-users

This is a very good point.

How about I add a configuration setting that has three values - completely
off, admin only, or any user?  The default setting could be admin only.

However, if it's turned off, any admin could change that setting back to
admin only.

Craig

On Monday, April 16, 2018, Steve Palm  wrote:

>
> On Apr 16, 2018, at 7:47 AM, Ghislain Adnet  wrote:
> > Le 15/04/2018 à 01:10, Craig Barratt via BackupPC-users a écrit :
> >> BackupPC 4.2.0 
> has been released on Github.
> >> The changes since4.1.5  backuppc/releases/tag/4.1.5>are listed below.  The biggest change is a
> new feature in the web interface written by @moisseev that allows prior
> backups to be deleted.
> >
> > ohhh this is a very bad idea... Having a way to remove backup in the web
> interface  sounds cool but when a bad apple employee comes and destroy all
> the backups because he is angry this is a real issue. Same if account is
> comprimised
>  .
>  .
>  .
> >  is there a way to remove the feature so its not even loaded in the code
> (not just limited by the login/pass used) ?
>
>  I didn't see where it was even configurable by user/login/etc...  If it
> is, please post, and also a global "shutoff" would be great. Maybe a
> compile/install option to not even include it as requested above, although
> for our use case I don't think we need to go that far, hope I'm not ever
> proven wrong on that. :)
>
>  Thanks!
>  Steve
>
>
> 
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> ___
> BackupPC-users mailing list
> BackupPC-users@lists.sourceforge.net
> List:https://lists.sourceforge.net/lists/listinfo/backuppc-users
> Wiki:http://backuppc.wiki.sourceforge.net
> Project: http://backuppc.sourceforge.net/
>
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/

Re: [BackupPC-users] BackupPC 4.2.0 released

2018-04-16 Thread Steve Palm


On Apr 16, 2018, at 7:47 AM, Ghislain Adnet  wrote:
> Le 15/04/2018 à 01:10, Craig Barratt via BackupPC-users a écrit :
>> BackupPC 4.2.0  has 
>> been released on Github.
>> The changes since4.1.5 
>> are listed below.  
>> The biggest change is a new feature in the web interface written by 
>> @moisseev that allows prior backups to be deleted.
> 
> ohhh this is a very bad idea... Having a way to remove backup in the web 
> interface  sounds cool but when a bad apple employee comes and destroy all 
> the backups because he is angry this is a real issue. Same if account is 
> comprimised
 .
 .
 .
>  is there a way to remove the feature so its not even loaded in the code (not 
> just limited by the login/pass used) ?

 I didn't see where it was even configurable by user/login/etc...  If it is, 
please post, and also a global "shutoff" would be great. Maybe a 
compile/install option to not even include it as requested above, although for 
our use case I don't think we need to go that far, hope I'm not ever proven 
wrong on that. :)

 Thanks!
 Steve


--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/

Re: [BackupPC-users] BackupPC 4.2.0 released

2018-04-16 Thread Ghislain Adnet


Le 15/04/2018 à 01:10, Craig Barratt via BackupPC-users a écrit :

BackupPC 4.2.0  has 
been released on Github.

The changes since4.1.5 are listed below.  The biggest change is 
a new feature in the web interface written by @moisseev that allows prior backups to be deleted.




ohhh this is a very bad idea... Having a way to remove backup in the web interface  sounds cool but when a bad apple 
employee comes and destroy all the backups because he is angry this is a real issue. Same if account is comprimised


With the agentless thing the fact that nobody could destroy a backup was a 
major features that was making us use backuppc.

Command line tools are fine but webgui tools to do that seems scuicidal to me where availability of backups is more 
important to anything else. When you have a problem you want the backups to be there and not learn that a compromised PC 
led to wiping of its data AND of the backups alltogether :)


is there a way to remove the feature so its not even loaded in the code (not 
just limited by the login/pass used) ?

Regards,
Ghislain.

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/

[BackupPC-users] BackupPC 4.2.0 released

2018-04-14 Thread Craig Barratt via BackupPC-users

BackupPC 4.2.0  has
been released on Github.

The changes since 4.1.5
 are listed
below.  The biggest change is a new feature in the web interface
written by @moisseev
that allows prior backups to be deleted.

Enjoy!

Craig

#
# Version 4.2.0, 8 Apr 2018
#

Merged pull requests #160, #190.

* Backups can now be deleted via the CGI interface, written by @moisseev
  (#160).

* bin/BackupPC_backupDelete: added -L option that puts output into client
  LOG file, to support CGI backup deletion.

* Added support for a user-editable comment per host, via a new
ClientComment
  config parameter, requested by @andrewmaksymowsky.

* bin/BackupPC_tarExtract: Added support for pax headers, which smbclient
  uses for long file names

* bin/BackupPC_backupDelete: make sure directory exists when renaming tree
  from deleted backup.

* lib/BackupPC/Xfer/Smb.pm: ignore empty output lines from smbclient;
  fixes issue #159.

* bin/BackupPC: improved several of the exit error messages.

* lib/BackupPC/Xfer/Rsync.pm: added shareName to RsyncArgs* argument
  substitutions; suggested by Alex Kobel.

* conf/BackupPC_stnd.css: removed import url('
https://fonts.googleapis.com/css'
  suggested by @MartijnRas in issue #174.
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/

Re: [BackupPC-users] BackupPC 4.2.0 released

Re: [BackupPC-users] BackupPC 4.2.0 released

Re: [BackupPC-users] BackupPC 4.2.0 released

Re: [BackupPC-users] BackupPC 4.2.0 released

Re: [BackupPC-users] BackupPC 4.2.0 released

Re: [BackupPC-users] BackupPC 4.2.0 released

Re: [BackupPC-users] BackupPC 4.2.0 released

[BackupPC-users] BackupPC 4.2.0 released

8 matches

Site Navigation

Mail list logo

Footer information