Re: [Veritas-bu] sniff...bpgp is gone from 6.5
On Thu, Apr 17, 2008 at 11:21 PM, Stump, Bob A [EMAIL PROTECTED] wrote: Just wondering if you NetBackup 6.5 admins can check to see if bprsh still is available. bprsh is similar to remsh or rsh Yup, it's still there. [EMAIL PROTECTED] bin]# ls -l /usr/openv/netbackup/bin/admincmd/bprsh -r-xr-xr-x 1 root bin64380 Nov 16 10:42 /usr/openv/netbackup/bin/admincmd/bprsh -- Ed Wilts, Mounds View, MN, USA mailto:[EMAIL PROTECTED] ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
Re: [Veritas-bu] sniff...bpgp is gone from 6.5
Makes no sense that they remove a command that allows putting or getting a file on a client yet leave bprsh. bprsh allows root to run any command that is in the /usr/openv/netbackup/bin or volmgr/bin as root on a client. Any command could potentially be placed into those directories. It doesn't have to be a NetBackup command. bpgp is like a speck of sawdust in the eye of security while bprsh would be a plank. (NIV paraphrase) From: Ed Wilts [mailto:[EMAIL PROTECTED] Sent: Friday, April 18, 2008 9:44 AM To: Stump, Bob A Cc: VERITAS-BU@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5 On Thu, Apr 17, 2008 at 11:21 PM, Stump, Bob A [EMAIL PROTECTED] wrote: Just wondering if you NetBackup 6.5 admins can check to see if bprsh still is available. bprsh is similar to remsh or rsh Yup, it's still there. [EMAIL PROTECTED] bin]# ls -l /usr/openv/netbackup/bin/admincmd/bprsh -r-xr-xr-x 1 root bin64380 Nov 16 10:42 /usr/openv/netbackup/bin/admincmd/bprsh -- Ed Wilts, Mounds View, MN, USA mailto:[EMAIL PROTECTED] __ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
Re: [Veritas-bu] sniff...bpgp is gone from 6.5
Just wondering if you NetBackup 6.5 admins can check to see if bprsh still is available. bprsh is similar to remsh or rsh # bprsh -Q bprsh [ -l username ] hostname command [ -FF ] [ -SO filename ] [ -SE [filename] ] -SO writes all stdout to filename -SE writes all stderr to filename, or, in the absence of a filename, appends/catenates all stderr to the end of stdout. In the absence of -SE in either form, all stderr will be interspersed in the stdout as it was issued. In the absence of -SO, -SE and -FF, everything is written to stdout as it was issued. -FF ignores all output, and just starts the command, not waiting for completion; -FF will override -SO and/or -SE if present. Use quotes as required, especially around the command pathname (escape the quotes). Note: The list of commands allowed is extremely limited. NOTE: On Unix clients, only commands found in the /usr/openv/netbackup/bin or /usr/openv/volmgr/bin can be executed. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of rob worman Sent: Monday, April 07, 2008 3:49 PM To: VERITAS-BU@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5 This thread is pretty much deceased, but I thought I would resurrect it briefly to point out that the latest entry to the official NetBackup blog (did you know that there was an official NetBackup blog? Me neither, until last week...) happens to conclude with the following statement: If you think you need bpgp to get your job done, let us know why by leaving a comment explaining how you use it. If you are one of the great many users who miss bpgp, surf to... https://forums.symantec.com/blog?blog.id=NetBackup and leave a comment that explains why bpgp has been crucial to your NetBackup existence! HTH rob ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu __ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. _ ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
Re: [Veritas-bu] sniff...bpgp is gone from 6.5
This thread is pretty much deceased, but I thought I would resurrect it briefly to point out that the latest entry to the official NetBackup blog (did you know that there was an official NetBackup blog? Me neither, until last week...) happens to conclude with the following statement: If you think you need bpgp to get your job done, let us know why by leaving a comment explaining how you use it. If you are one of the great many users who miss bpgp, surf to... https://forums.symantec.com/blog?blog.id=NetBackup and leave a comment that explains why bpgp has been crucial to your NetBackup existence! HTH rob ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
Re: [Veritas-bu] sniff...bpgp is gone from 6.5
On Mon, 7 Apr 2008, rob worman wrote: This thread is pretty much deceased, but I thought I would resurrect it briefly to point out that the latest entry to the official NetBackup blog (did you know that there was an official NetBackup blog? Me neither, until last week...) happens to conclude with the following statement: If you think you need bpgp to get your job done, let us know why by leaving a comment explaining how you use it. If you are one of the great many users who miss bpgp, surf to... https://forums.symantec.com/blog?blog.id=NetBackup and leave a comment that explains why bpgp has been crucial to your NetBackup existence! HTH rob ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu Cool blog, got any other useful links? :) ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
[Veritas-bu] sniff...bpgp is gone from 6.5
Say it ain't so, Joe! Yes, the beloved bpgp is gone from NetBackup 6.5. Worse, restoring bpgp from a 6.0 backup does not help. The restored bpgp fails with a core dump. Oh whatever are we to do? I'll miss you, bpgp. You helped me out so much in the past. Have a joyful retirement. __ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. _ ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
[Veritas-bu] sniff...bpgp is gone from 6.5
I'm looking into whether or not this is true. If it is, it's time for an email campaign. Some see it as a security hole, and I think that's ridiculous. Anybody who is root/Administrator on a NetBackup master can push any file to any client any time they want via a backup/restore command. Removing bpgp only makes it take a few minutes instead of a few seconds. Other complaints about it over the years have been that it doesn't check for like/like. You can overwrite a directory with a file if you tell it to. For example, the following command would be VERY BAD! WRONGWAY# bpgp to client /etc/hosts /etc #DON'T DO THIS While this would be perfectly valid syntax with copy, cp, rcp, mv, etc, it is NOT proper syntax with bpgp. The command above would overwrite the /etc DIRECTORY with /etc/hosts, which, of course, would not be good for your client. (Some have even overwritten their root mount point.) Perhaps they got too many calls from people that did just that. Of course, about five lines of code could have fixed that problem. It doesn't allow you to copy a directory, but it doesn't check if what you're copying to is a directory. A simple check that the target file is or is not a directory would have sufficed. If it was a directory, it could just exit with error. But they chose instead to just pretend the command didn't exist. It's not documented; there's not even a Usage statement in the command itself, even if you do strings. If you call support and complain they tell you it's not supported. +-- |This was sent by [EMAIL PROTECTED] via Backup Central. |Forward SPAM to [EMAIL PROTECTED] +-- ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
Re: [Veritas-bu] sniff...bpgp is gone from 6.5
Cant get to a test lab, but found this... https://forums.symantec.com/syment/board/message?board.id=21message.id= 40520 Simon -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Stump, Bob A Sent: Tuesday, January 22, 2008 5:56 PM To: VERITAS-BU@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5 Somebody please check to see if bpdir still exists in NB 6.5 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of cpreston Sent: Tuesday, January 22, 2008 12:41 PM To: VERITAS-BU@mailman.eng.auburn.edu Subject: [Veritas-bu] sniff...bpgp is gone from 6.5 I'm looking into whether or not this is true. If it is, it's time for an email campaign. Some see it as a security hole, and I think that's ridiculous. Anybody who is root/Administrator on a NetBackup master can push any file to any client any time they want via a backup/restore command. Removing bpgp only makes it take a few minutes instead of a few seconds. Other complaints about it over the years have been that it doesn't check for like/like. You can overwrite a directory with a file if you tell it to. For example, the following command would be VERY BAD! WRONGWAY# bpgp to client /etc/hosts /etc #DON'T DO THIS While this would be perfectly valid syntax with copy, cp, rcp, mv, etc, it is NOT proper syntax with bpgp. The command above would overwrite the /etc DIRECTORY with /etc/hosts, which, of course, would not be good for your client. (Some have even overwritten their root mount point.) Perhaps they got too many calls from people that did just that. Of course, about five lines of code could have fixed that problem. It doesn't allow you to copy a directory, but it doesn't check if what you're copying to is a directory. A simple check that the target file is or is not a directory would have sufficed. If it was a directory, it could just exit with error. But they chose instead to just pretend the command didn't exist. It's not documented; there's not even a Usage statement in the command itself, even if you do strings. If you call support and complain they tell you it's not supported. +-- |This was sent by [EMAIL PROTECTED] via Backup Central. Forward |SPAM to [EMAIL PROTECTED] +-- ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu __ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. _ ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu This email (including any attachments) may contain confidential and/or privileged information or information otherwise protected from disclosure. If you are not the intended recipient, please notify the sender immediately, do not copy this message or any attachments and do not use it for any purpose or disclose its content to any person, but delete this message and any attachments from your system. Astrium disclaims any and all liability if this email transmission was virus corrupted, altered or falsified. - Astrium Limited, Registered in England and Wales No. 2449259 REGISTERED OFFICE:- Gunnels Wood Road, Stevenage, Hertfordshire, SG1 2AS, England ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
Re: [Veritas-bu] sniff...bpgp is gone from 6.5
Alas, tis true! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of cpreston Sent: Tuesday, January 22, 2008 12:41 PM To: VERITAS-BU@mailman.eng.auburn.edu Subject: [Veritas-bu] sniff...bpgp is gone from 6.5 I'm looking into whether or not this is true. If it is, it's time for an email campaign. Some see it as a security hole, and I think that's ridiculous. Anybody who is root/Administrator on a NetBackup master can push any file to any client any time they want via a backup/restore command. Removing bpgp only makes it take a few minutes instead of a few seconds. Other complaints about it over the years have been that it doesn't check for like/like. You can overwrite a directory with a file if you tell it to. For example, the following command would be VERY BAD! WRONGWAY# bpgp to client /etc/hosts /etc #DON'T DO THIS While this would be perfectly valid syntax with copy, cp, rcp, mv, etc, it is NOT proper syntax with bpgp. The command above would overwrite the /etc DIRECTORY with /etc/hosts, which, of course, would not be good for your client. (Some have even overwritten their root mount point.) Perhaps they got too many calls from people that did just that. Of course, about five lines of code could have fixed that problem. It doesn't allow you to copy a directory, but it doesn't check if what you're copying to is a directory. A simple check that the target file is or is not a directory would have sufficed. If it was a directory, it could just exit with error. But they chose instead to just pretend the command didn't exist. It's not documented; there's not even a Usage statement in the command itself, even if you do strings. If you call support and complain they tell you it's not supported. +-- |This was sent by [EMAIL PROTECTED] via Backup Central. |Forward SPAM to [EMAIL PROTECTED] +-- ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
Re: [Veritas-bu] sniff...bpgp is gone from 6.5
nope... that is gone. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Stump, Bob A Sent: Tuesday, January 22, 2008 12:56 PM To: VERITAS-BU@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5 Somebody please check to see if bpdir still exists in NB 6.5 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of cpreston Sent: Tuesday, January 22, 2008 12:41 PM To: VERITAS-BU@mailman.eng.auburn.edu Subject: [Veritas-bu] sniff...bpgp is gone from 6.5 I'm looking into whether or not this is true. If it is, it's time for an email campaign. Some see it as a security hole, and I think that's ridiculous. Anybody who is root/Administrator on a NetBackup master can push any file to any client any time they want via a backup/restore command. Removing bpgp only makes it take a few minutes instead of a few seconds. Other complaints about it over the years have been that it doesn't check for like/like. You can overwrite a directory with a file if you tell it to. For example, the following command would be VERY BAD! WRONGWAY# bpgp to client /etc/hosts /etc #DON'T DO THIS While this would be perfectly valid syntax with copy, cp, rcp, mv, etc, it is NOT proper syntax with bpgp. The command above would overwrite the /etc DIRECTORY with /etc/hosts, which, of course, would not be good for your client. (Some have even overwritten their root mount point.) Perhaps they got too many calls from people that did just that. Of course, about five lines of code could have fixed that problem. It doesn't allow you to copy a directory, but it doesn't check if what you're copying to is a directory. A simple check that the target file is or is not a directory would have sufficed. If it was a directory, it could just exit with error. But they chose instead to just pretend the command didn't exist. It's not documented; there's not even a Usage statement in the command itself, even if you do strings. If you call support and complain they tell you it's not supported. +-- |This was sent by [EMAIL PROTECTED] via Backup Central. |Forward SPAM to [EMAIL PROTECTED] +-- ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu __ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. _ ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
Re: [Veritas-bu] sniff...bpgp is gone from 6.5
Somebody please check to see if bpdir still exists in NB 6.5 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of cpreston Sent: Tuesday, January 22, 2008 12:41 PM To: VERITAS-BU@mailman.eng.auburn.edu Subject: [Veritas-bu] sniff...bpgp is gone from 6.5 I'm looking into whether or not this is true. If it is, it's time for an email campaign. Some see it as a security hole, and I think that's ridiculous. Anybody who is root/Administrator on a NetBackup master can push any file to any client any time they want via a backup/restore command. Removing bpgp only makes it take a few minutes instead of a few seconds. Other complaints about it over the years have been that it doesn't check for like/like. You can overwrite a directory with a file if you tell it to. For example, the following command would be VERY BAD! WRONGWAY# bpgp to client /etc/hosts /etc #DON'T DO THIS While this would be perfectly valid syntax with copy, cp, rcp, mv, etc, it is NOT proper syntax with bpgp. The command above would overwrite the /etc DIRECTORY with /etc/hosts, which, of course, would not be good for your client. (Some have even overwritten their root mount point.) Perhaps they got too many calls from people that did just that. Of course, about five lines of code could have fixed that problem. It doesn't allow you to copy a directory, but it doesn't check if what you're copying to is a directory. A simple check that the target file is or is not a directory would have sufficed. If it was a directory, it could just exit with error. But they chose instead to just pretend the command didn't exist. It's not documented; there's not even a Usage statement in the command itself, even if you do strings. If you call support and complain they tell you it's not supported. +-- |This was sent by [EMAIL PROTECTED] via Backup Central. |Forward SPAM to [EMAIL PROTECTED] +-- ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu __ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. _ ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
Re: [Veritas-bu] sniff...bpgp is gone from 6.5
The need to distribute client binary upgrades still exists. What method is used now? Can you mine the update_clients script (if it is indeed a script). I'm still at 6.0.5. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of WEAVER, Simon (external) Sent: Tuesday, January 22, 2008 10:59 AM To: Stump, Bob A; VERITAS-BU@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5 Cant get to a test lab, but found this... https://forums.symantec.com/syment/board/message?board.id=21message.id= 40520 Simon -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Stump, Bob A Sent: Tuesday, January 22, 2008 5:56 PM To: VERITAS-BU@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5 Somebody please check to see if bpdir still exists in NB 6.5 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of cpreston Sent: Tuesday, January 22, 2008 12:41 PM To: VERITAS-BU@mailman.eng.auburn.edu Subject: [Veritas-bu] sniff...bpgp is gone from 6.5 I'm looking into whether or not this is true. If it is, it's time for an email campaign. Some see it as a security hole, and I think that's ridiculous. Anybody who is root/Administrator on a NetBackup master can push any file to any client any time they want via a backup/restore command. Removing bpgp only makes it take a few minutes instead of a few seconds. Other complaints about it over the years have been that it doesn't check for like/like. You can overwrite a directory with a file if you tell it to. For example, the following command would be VERY BAD! WRONGWAY# bpgp to client /etc/hosts /etc #DON'T DO THIS While this would be perfectly valid syntax with copy, cp, rcp, mv, etc, it is NOT proper syntax with bpgp. The command above would overwrite the /etc DIRECTORY with /etc/hosts, which, of course, would not be good for your client. (Some have even overwritten their root mount point.) Perhaps they got too many calls from people that did just that. Of course, about five lines of code could have fixed that problem. It doesn't allow you to copy a directory, but it doesn't check if what you're copying to is a directory. A simple check that the target file is or is not a directory would have sufficed. If it was a directory, it could just exit with error. But they chose instead to just pretend the command didn't exist. It's not documented; there's not even a Usage statement in the command itself, even if you do strings. If you call support and complain they tell you it's not supported. +-- |This was sent by [EMAIL PROTECTED] via Backup Central. Forward |SPAM to [EMAIL PROTECTED] +-- ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu __ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. _ ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu This email (including any attachments) may contain confidential and/or privileged information or information otherwise protected from disclosure. If you are not the intended recipient, please notify the sender immediately, do not copy this message or any attachments and do not use it for any purpose or disclose its content to any person, but delete this message and any attachments from your system. Astrium disclaims any and all liability if this email transmission was virus corrupted, altered or falsified. - Astrium Limited, Registered in England and Wales No. 2449259 REGISTERED OFFICE:- Gunnels Wood Road, Stevenage, Hertfordshire, SG1 2AS, England ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
Re: [Veritas-bu] sniff...bpgp is gone from 6.5
What about the new nbgp: # ls -l /usr/openv/netbackup/bin/*gp /usr/openv/netbackup/bin/nbgp The old syntax apparently doesn't work. What DOES work? (Let's not try this on a production system, shall we?) Also, is the new nbgp on Windows? --- W. Curtis Preston Backup Blog @ www.backupcentral.com VP Data Protection, GlassHouse Technologies -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Whittaker Sent: Tuesday, January 22, 2008 10:17 AM To: Stump, Bob A; VERITAS-BU@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5 nope... that is gone. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Stump, Bob A Sent: Tuesday, January 22, 2008 12:56 PM To: VERITAS-BU@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5 Somebody please check to see if bpdir still exists in NB 6.5 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of cpreston Sent: Tuesday, January 22, 2008 12:41 PM To: VERITAS-BU@mailman.eng.auburn.edu Subject: [Veritas-bu] sniff...bpgp is gone from 6.5 I'm looking into whether or not this is true. If it is, it's time for an email campaign. Some see it as a security hole, and I think that's ridiculous. Anybody who is root/Administrator on a NetBackup master can push any file to any client any time they want via a backup/restore command. Removing bpgp only makes it take a few minutes instead of a few seconds. Other complaints about it over the years have been that it doesn't check for like/like. You can overwrite a directory with a file if you tell it to. For example, the following command would be VERY BAD! WRONGWAY# bpgp to client /etc/hosts /etc #DON'T DO THIS While this would be perfectly valid syntax with copy, cp, rcp, mv, etc, it is NOT proper syntax with bpgp. The command above would overwrite the /etc DIRECTORY with /etc/hosts, which, of course, would not be good for your client. (Some have even overwritten their root mount point.) Perhaps they got too many calls from people that did just that. Of course, about five lines of code could have fixed that problem. It doesn't allow you to copy a directory, but it doesn't check if what you're copying to is a directory. A simple check that the target file is or is not a directory would have sufficed. If it was a directory, it could just exit with error. But they chose instead to just pretend the command didn't exist. It's not documented; there's not even a Usage statement in the command itself, even if you do strings. If you call support and complain they tell you it's not supported. +-- |This was sent by [EMAIL PROTECTED] via Backup Central. |Forward SPAM to [EMAIL PROTECTED] +-- ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu __ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. _ ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
Re: [Veritas-bu] sniff...bpgp is gone from 6.5
bpdir is LONG GONE! too Bob Stump Fidelity Information Services ENT STORAGE MANAGEMENT - TAPE Mobile (269)832-0293 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of cpreston Sent: Tuesday, January 22, 2008 12:41 PM To: VERITAS-BU@mailman.eng.auburn.edu Subject: [Veritas-bu] sniff...bpgp is gone from 6.5 I'm looking into whether or not this is true. If it is, it's time for an email campaign. Some see it as a security hole, and I think that's ridiculous. Anybody who is root/Administrator on a NetBackup master can push any file to any client any time they want via a backup/restore command. Removing bpgp only makes it take a few minutes instead of a few seconds. Other complaints about it over the years have been that it doesn't check for like/like. You can overwrite a directory with a file if you tell it to. For example, the following command would be VERY BAD! WRONGWAY# bpgp to client /etc/hosts /etc #DON'T DO THIS While this would be perfectly valid syntax with copy, cp, rcp, mv, etc, it is NOT proper syntax with bpgp. The command above would overwrite the /etc DIRECTORY with /etc/hosts, which, of course, would not be good for your client. (Some have even overwritten their root mount point.) Perhaps they got too many calls from people that did just that. Of course, about five lines of code could have fixed that problem. It doesn't allow you to copy a directory, but it doesn't check if what you're copying to is a directory. A simple check that the target file is or is not a directory would have sufficed. If it was a directory, it could just exit with error. But they chose instead to just pretend the command didn't exist. It's not documented; there's not even a Usage statement in the command itself, even if you do strings. If you call support and complain they tell you it's not supported. +-- |This was sent by [EMAIL PROTECTED] via Backup Central. |Forward SPAM to [EMAIL PROTECTED] +-- ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu __ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. _ ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
Re: [Veritas-bu] sniff...bpgp is gone from 6.5
nb instead of bp? Are they finally trying to get away from backup plus? -Original Message- From: Curtis Preston [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 22, 2008 1:32 PM To: Kevin Whittaker; Stump, Bob A; VERITAS-BU@mailman.eng.auburn.edu Subject: RE: [Veritas-bu] sniff...bpgp is gone from 6.5 What about the new nbgp: # ls -l /usr/openv/netbackup/bin/*gp /usr/openv/netbackup/bin/nbgp The old syntax apparently doesn't work. What DOES work? (Let's not try this on a production system, shall we?) Also, is the new nbgp on Windows? --- W. Curtis Preston Backup Blog @ www.backupcentral.com VP Data Protection, GlassHouse Technologies -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Whittaker Sent: Tuesday, January 22, 2008 10:17 AM To: Stump, Bob A; VERITAS-BU@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5 nope... that is gone. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Stump, Bob A Sent: Tuesday, January 22, 2008 12:56 PM To: VERITAS-BU@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5 Somebody please check to see if bpdir still exists in NB 6.5 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of cpreston Sent: Tuesday, January 22, 2008 12:41 PM To: VERITAS-BU@mailman.eng.auburn.edu Subject: [Veritas-bu] sniff...bpgp is gone from 6.5 I'm looking into whether or not this is true. If it is, it's time for an email campaign. Some see it as a security hole, and I think that's ridiculous. Anybody who is root/Administrator on a NetBackup master can push any file to any client any time they want via a backup/restore command. Removing bpgp only makes it take a few minutes instead of a few seconds. Other complaints about it over the years have been that it doesn't check for like/like. You can overwrite a directory with a file if you tell it to. For example, the following command would be VERY BAD! WRONGWAY# bpgp to client /etc/hosts /etc #DON'T DO THIS While this would be perfectly valid syntax with copy, cp, rcp, mv, etc, it is NOT proper syntax with bpgp. The command above would overwrite the /etc DIRECTORY with /etc/hosts, which, of course, would not be good for your client. (Some have even overwritten their root mount point.) Perhaps they got too many calls from people that did just that. Of course, about five lines of code could have fixed that problem. It doesn't allow you to copy a directory, but it doesn't check if what you're copying to is a directory. A simple check that the target file is or is not a directory would have sufficed. If it was a directory, it could just exit with error. But they chose instead to just pretend the command didn't exist. It's not documented; there's not even a Usage statement in the command itself, even if you do strings. If you call support and complain they tell you it's not supported. +-- |This was sent by [EMAIL PROTECTED] via Backup Central. |Forward SPAM to [EMAIL PROTECTED] +-- ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu __ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. _ ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu __ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. _ ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
Re: [Veritas-bu] sniff...bpgp is gone from 6.5
Hey, Simon. Did you notice that Bob was the author of the post you gave a URL to? ;) --- W. Curtis Preston Backup Blog @ www.backupcentral.com VP Data Protection, GlassHouse Technologies -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of WEAVER, Simon (external) Sent: Tuesday, January 22, 2008 9:59 AM To: Stump, Bob A; VERITAS-BU@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5 Cant get to a test lab, but found this... https://forums.symantec.com/syment/board/message?board.id=21message.id= 40520 Simon -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Stump, Bob A Sent: Tuesday, January 22, 2008 5:56 PM To: VERITAS-BU@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5 Somebody please check to see if bpdir still exists in NB 6.5 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of cpreston Sent: Tuesday, January 22, 2008 12:41 PM To: VERITAS-BU@mailman.eng.auburn.edu Subject: [Veritas-bu] sniff...bpgp is gone from 6.5 I'm looking into whether or not this is true. If it is, it's time for an email campaign. Some see it as a security hole, and I think that's ridiculous. Anybody who is root/Administrator on a NetBackup master can push any file to any client any time they want via a backup/restore command. Removing bpgp only makes it take a few minutes instead of a few seconds. Other complaints about it over the years have been that it doesn't check for like/like. You can overwrite a directory with a file if you tell it to. For example, the following command would be VERY BAD! WRONGWAY# bpgp to client /etc/hosts /etc #DON'T DO THIS While this would be perfectly valid syntax with copy, cp, rcp, mv, etc, it is NOT proper syntax with bpgp. The command above would overwrite the /etc DIRECTORY with /etc/hosts, which, of course, would not be good for your client. (Some have even overwritten their root mount point.) Perhaps they got too many calls from people that did just that. Of course, about five lines of code could have fixed that problem. It doesn't allow you to copy a directory, but it doesn't check if what you're copying to is a directory. A simple check that the target file is or is not a directory would have sufficed. If it was a directory, it could just exit with error. But they chose instead to just pretend the command didn't exist. It's not documented; there's not even a Usage statement in the command itself, even if you do strings. If you call support and complain they tell you it's not supported. +-- |This was sent by [EMAIL PROTECTED] via Backup Central. Forward |SPAM to [EMAIL PROTECTED] +-- ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu __ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. _ ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu This email (including any attachments) may contain confidential and/or privileged information or information otherwise protected from disclosure. If you are not the intended recipient, please notify the sender immediately, do not copy this message or any attachments and do not use it for any purpose or disclose its content to any person, but delete this message and any attachments from your system. Astrium disclaims any and all liability if this email transmission was virus corrupted, altered or falsified. - Astrium Limited, Registered in England and Wales No. 2449259 REGISTERED OFFICE:- Gunnels Wood Road, Stevenage, Hertfordshire, SG1 2AS, England ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
Re: [Veritas-bu] sniff...bpgp is gone from 6.5
On Jan 22, 2008 11:15 AM, Stump, Bob A [EMAIL PROTECTED] wrote: Yes, the beloved bpgp is gone from NetBackup 6.5. Worse, restoring bpgp from a 6.0 backup does not help. Not only bpgp, but bpdir is gone too. Both massive security holes (probably why they were removed) but used frequently. .../Ed -- Ed Wilts, Mounds View, MN, USA mailto:[EMAIL PROTECTED] ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
Re: [Veritas-bu] sniff...bpgp is gone from 6.5
Soon there will nothing of Control Data programs left. :( Oh, for the days of 1.7. :) Regards, Patrick Whelan Whelan Consulting Limited VERITAS Certified NetBackup Support Engineer for UNIX. VERITAS Certified NetBackup Support Engineer for Microsoft Windows. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Stump, Bob A Sent: 22 January 2008 18:40 To: Curtis Preston; Kevin Whittaker; VERITAS-BU@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5 nb instead of bp? Are they finally trying to get away from backup plus? -Original Message- From: Curtis Preston [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 22, 2008 1:32 PM To: Kevin Whittaker; Stump, Bob A; VERITAS-BU@mailman.eng.auburn.edu Subject: RE: [Veritas-bu] sniff...bpgp is gone from 6.5 What about the new nbgp: # ls -l /usr/openv/netbackup/bin/*gp /usr/openv/netbackup/bin/nbgp The old syntax apparently doesn't work. What DOES work? (Let's not try this on a production system, shall we?) Also, is the new nbgp on Windows? --- W. Curtis Preston Backup Blog @ www.backupcentral.com VP Data Protection, GlassHouse Technologies -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Whittaker Sent: Tuesday, January 22, 2008 10:17 AM To: Stump, Bob A; VERITAS-BU@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5 nope... that is gone. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Stump, Bob A Sent: Tuesday, January 22, 2008 12:56 PM To: VERITAS-BU@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5 Somebody please check to see if bpdir still exists in NB 6.5 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of cpreston Sent: Tuesday, January 22, 2008 12:41 PM To: VERITAS-BU@mailman.eng.auburn.edu Subject: [Veritas-bu] sniff...bpgp is gone from 6.5 I'm looking into whether or not this is true. If it is, it's time for an email campaign. Some see it as a security hole, and I think that's ridiculous. Anybody who is root/Administrator on a NetBackup master can push any file to any client any time they want via a backup/restore command. Removing bpgp only makes it take a few minutes instead of a few seconds. Other complaints about it over the years have been that it doesn't check for like/like. You can overwrite a directory with a file if you tell it to. For example, the following command would be VERY BAD! WRONGWAY# bpgp to client /etc/hosts /etc #DON'T DO THIS While this would be perfectly valid syntax with copy, cp, rcp, mv, etc, it is NOT proper syntax with bpgp. The command above would overwrite the /etc DIRECTORY with /etc/hosts, which, of course, would not be good for your client. (Some have even overwritten their root mount point.) Perhaps they got too many calls from people that did just that. Of course, about five lines of code could have fixed that problem. It doesn't allow you to copy a directory, but it doesn't check if what you're copying to is a directory. A simple check that the target file is or is not a directory would have sufficed. If it was a directory, it could just exit with error. But they chose instead to just pretend the command didn't exist. It's not documented; there's not even a Usage statement in the command itself, even if you do strings. If you call support and complain they tell you it's not supported. +-- |This was sent by [EMAIL PROTECTED] via Backup Central. |Forward SPAM to [EMAIL PROTECTED] +-- ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu __ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. _ ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu __ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify
Re: [Veritas-bu] sniff...bpgp is gone from 6.5
bpdir is LONG GONE! too What about nbdir? ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
Re: [Veritas-bu] sniff...bpgp is gone from 6.5
Nbgp.exe is not in windows 6.51 bpdir.exe still exists in windows 6.51 Doug Preston Systems Engineer Land America Tax and Flood Services Phone 626-339-5221 Ext 1104 Email [EMAIL PROTECTED] NOTICE: This electronic mail transmission may constitute a communication that is legally privileged. It is not intended for transmission to, or receipt by, any unauthorized persons. If you have received this electronic mail transmission in error, please delete it from your system without copying it, and notify the sender by reply e-mail, so that our address record can be corrected. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Curtis Preston Sent: Tuesday, January 22, 2008 10:32 AM To: Kevin Whittaker; Stump, Bob A; VERITAS-BU@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5 What about the new nbgp: # ls -l /usr/openv/netbackup/bin/*gp /usr/openv/netbackup/bin/nbgp The old syntax apparently doesn't work. What DOES work? (Let's not try this on a production system, shall we?) Also, is the new nbgp on Windows? --- W. Curtis Preston Backup Blog @ www.backupcentral.com VP Data Protection, GlassHouse Technologies -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Whittaker Sent: Tuesday, January 22, 2008 10:17 AM To: Stump, Bob A; VERITAS-BU@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5 nope... that is gone. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Stump, Bob A Sent: Tuesday, January 22, 2008 12:56 PM To: VERITAS-BU@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5 Somebody please check to see if bpdir still exists in NB 6.5 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of cpreston Sent: Tuesday, January 22, 2008 12:41 PM To: VERITAS-BU@mailman.eng.auburn.edu Subject: [Veritas-bu] sniff...bpgp is gone from 6.5 I'm looking into whether or not this is true. If it is, it's time for an email campaign. Some see it as a security hole, and I think that's ridiculous. Anybody who is root/Administrator on a NetBackup master can push any file to any client any time they want via a backup/restore command. Removing bpgp only makes it take a few minutes instead of a few seconds. Other complaints about it over the years have been that it doesn't check for like/like. You can overwrite a directory with a file if you tell it to. For example, the following command would be VERY BAD! WRONGWAY# bpgp to client /etc/hosts /etc #DON'T DO THIS While this would be perfectly valid syntax with copy, cp, rcp, mv, etc, it is NOT proper syntax with bpgp. The command above would overwrite the /etc DIRECTORY with /etc/hosts, which, of course, would not be good for your client. (Some have even overwritten their root mount point.) Perhaps they got too many calls from people that did just that. Of course, about five lines of code could have fixed that problem. It doesn't allow you to copy a directory, but it doesn't check if what you're copying to is a directory. A simple check that the target file is or is not a directory would have sufficed. If it was a directory, it could just exit with error. But they chose instead to just pretend the command didn't exist. It's not documented; there's not even a Usage statement in the command itself, even if you do strings. If you call support and complain they tell you it's not supported. +-- |This was sent by [EMAIL PROTECTED] via Backup Central. |Forward SPAM to [EMAIL PROTECTED] +-- ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu __ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. _ ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu ___ Veritas-bu maillist - Veritas-bu
Re: [Veritas-bu] sniff...bpgp is gone from 6.5
My bad, that is left over from a previous version. Doug Preston Systems Engineer Land America Tax and Flood Services Phone 626-339-5221 Ext 1104 Email [EMAIL PROTECTED] NOTICE: This electronic mail transmission may constitute a communication that is legally privileged. It is not intended for transmission to, or receipt by, any unauthorized persons. If you have received this electronic mail transmission in error, please delete it from your system without copying it, and notify the sender by reply e-mail, so that our address record can be corrected. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Preston, Douglas L Sent: Tuesday, January 22, 2008 1:50 PM To: Curtis Preston; Kevin Whittaker; Stump, Bob A; VERITAS-BU@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5 Nbgp.exe is not in windows 6.51 bpdir.exe still exists in windows 6.51 Doug Preston Systems Engineer Land America Tax and Flood Services Phone 626-339-5221 Ext 1104 Email [EMAIL PROTECTED] NOTICE: This electronic mail transmission may constitute a communication that is legally privileged. It is not intended for transmission to, or receipt by, any unauthorized persons. If you have received this electronic mail transmission in error, please delete it from your system without copying it, and notify the sender by reply e-mail, so that our address record can be corrected. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Curtis Preston Sent: Tuesday, January 22, 2008 10:32 AM To: Kevin Whittaker; Stump, Bob A; VERITAS-BU@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5 What about the new nbgp: # ls -l /usr/openv/netbackup/bin/*gp /usr/openv/netbackup/bin/nbgp The old syntax apparently doesn't work. What DOES work? (Let's not try this on a production system, shall we?) Also, is the new nbgp on Windows? --- W. Curtis Preston Backup Blog @ www.backupcentral.com VP Data Protection, GlassHouse Technologies -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Whittaker Sent: Tuesday, January 22, 2008 10:17 AM To: Stump, Bob A; VERITAS-BU@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5 nope... that is gone. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Stump, Bob A Sent: Tuesday, January 22, 2008 12:56 PM To: VERITAS-BU@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5 Somebody please check to see if bpdir still exists in NB 6.5 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of cpreston Sent: Tuesday, January 22, 2008 12:41 PM To: VERITAS-BU@mailman.eng.auburn.edu Subject: [Veritas-bu] sniff...bpgp is gone from 6.5 I'm looking into whether or not this is true. If it is, it's time for an email campaign. Some see it as a security hole, and I think that's ridiculous. Anybody who is root/Administrator on a NetBackup master can push any file to any client any time they want via a backup/restore command. Removing bpgp only makes it take a few minutes instead of a few seconds. Other complaints about it over the years have been that it doesn't check for like/like. You can overwrite a directory with a file if you tell it to. For example, the following command would be VERY BAD! WRONGWAY# bpgp to client /etc/hosts /etc #DON'T DO THIS While this would be perfectly valid syntax with copy, cp, rcp, mv, etc, it is NOT proper syntax with bpgp. The command above would overwrite the /etc DIRECTORY with /etc/hosts, which, of course, would not be good for your client. (Some have even overwritten their root mount point.) Perhaps they got too many calls from people that did just that. Of course, about five lines of code could have fixed that problem. It doesn't allow you to copy a directory, but it doesn't check if what you're copying to is a directory. A simple check that the target file is or is not a directory would have sufficed. If it was a directory, it could just exit with error. But they chose instead to just pretend the command didn't exist. It's not documented; there's not even a Usage statement in the command itself, even if you do strings. If you call support and complain they tell you it's not supported. +-- |This was sent by [EMAIL PROTECTED] via Backup Central. |Forward SPAM to [EMAIL PROTECTED
Re: [Veritas-bu] sniff...bpgp is gone from 6.5
I did after sending it, but also thought someone else may add to the link, partly why I posted it! But it looks like it has gone Bob :-) Simon -Original Message- From: Curtis Preston [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 22, 2008 6:27 PM To: WEAVER, Simon (external); Stump, Bob A; VERITAS-BU@mailman.eng.auburn.edu Subject: RE: [Veritas-bu] sniff...bpgp is gone from 6.5 Hey, Simon. Did you notice that Bob was the author of the post you gave a URL to? ;) --- W. Curtis Preston Backup Blog @ www.backupcentral.com VP Data Protection, GlassHouse Technologies -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of WEAVER, Simon (external) Sent: Tuesday, January 22, 2008 9:59 AM To: Stump, Bob A; VERITAS-BU@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5 Cant get to a test lab, but found this... https://forums.symantec.com/syment/board/message?board.id=21message.id= 40520 Simon -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Stump, Bob A Sent: Tuesday, January 22, 2008 5:56 PM To: VERITAS-BU@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] sniff...bpgp is gone from 6.5 Somebody please check to see if bpdir still exists in NB 6.5 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of cpreston Sent: Tuesday, January 22, 2008 12:41 PM To: VERITAS-BU@mailman.eng.auburn.edu Subject: [Veritas-bu] sniff...bpgp is gone from 6.5 I'm looking into whether or not this is true. If it is, it's time for an email campaign. Some see it as a security hole, and I think that's ridiculous. Anybody who is root/Administrator on a NetBackup master can push any file to any client any time they want via a backup/restore command. Removing bpgp only makes it take a few minutes instead of a few seconds. Other complaints about it over the years have been that it doesn't check for like/like. You can overwrite a directory with a file if you tell it to. For example, the following command would be VERY BAD! WRONGWAY# bpgp to client /etc/hosts /etc #DON'T DO THIS While this would be perfectly valid syntax with copy, cp, rcp, mv, etc, it is NOT proper syntax with bpgp. The command above would overwrite the /etc DIRECTORY with /etc/hosts, which, of course, would not be good for your client. (Some have even overwritten their root mount point.) Perhaps they got too many calls from people that did just that. Of course, about five lines of code could have fixed that problem. It doesn't allow you to copy a directory, but it doesn't check if what you're copying to is a directory. A simple check that the target file is or is not a directory would have sufficed. If it was a directory, it could just exit with error. But they chose instead to just pretend the command didn't exist. It's not documented; there's not even a Usage statement in the command itself, even if you do strings. If you call support and complain they tell you it's not supported. +-- |This was sent by [EMAIL PROTECTED] via Backup Central. Forward |SPAM to [EMAIL PROTECTED] +-- ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu __ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. _ ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu This email (including any attachments) may contain confidential and/or privileged information or information otherwise protected from disclosure. If you are not the intended recipient, please notify the sender immediately, do not copy this message or any attachments and do not use it for any purpose or disclose its content to any person, but delete this message and any attachments from your system. Astrium disclaims any and all liability if this email transmission was virus corrupted, altered or falsified. - Astrium Limited, Registered in England and Wales No. 2449259 REGISTERED OFFICE:- Gunnels Wood Road, Stevenage, Hertfordshire, SG1 2AS, England ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu This email (including any