On Fri, Apr 15, 2016 at 05:12:40PM -0400, Alvin Starr wrote: > For things like system backups you tend to have to run as root.
Often for some parts. > Your backup device often has to be connected to the server. I have yet to > see a backup media the magicaly gets data written to it while on the shelf. > So once you have plugged in your back up media to backup and your backup > program runs wild ... your kind of screwed. That's why you have a rotation of backup devices. That way you still have a backup while creating a new one. If your only backup is connected to your system, then you have no backups at all. > I kind of think it would be possible to use selinux to insure things like > backups or system files cannot be deleted by accident. > > That would take some work to get right and I believe most systems run with > selinux disabled. > I know there are more than a few packages that I administer where they > outright say the selinux must be disabled. > > Screwing up backup software is all too easy. > I once worked for a computer company the sold systems to banks and for about > a 3 month period a bug in the tape driver software was writing blank tapes. > It was not discovered till a customer tried to restore something simple. > Fortunately nobody needed to do a real restore of important data. Well it isn't really a backup until it is verified either. Many people skip that step. I certainly have at home in many cases. > This company had a number of VERY smart people doing the coding but still > silly errors crept through. -- Len Sorensen --- Talk Mailing List [email protected] https://gtalug.org/mailman/listinfo/talk
