From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1NkiDj-0003Kk-Fa for garchives@archives.gentoo.org; Thu, 25 Feb 2010 18:13:55 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 245B8E0F5C for ; Thu, 25 Feb 2010 18:13:55 +0000 (UTC) Received: from mail.digimed.co.uk (82-69-83-178.dsl.in-addr.zen.co.uk [82.69.83.178]) by pigeon.gentoo.org (Postfix) with ESMTP id 42EEDE084D for ; Thu, 25 Feb 2010 17:45:34 +0000 (UTC) Received: from zaphod.digimed.co.uk (zaphod.digimed.co.uk [192.168.1.1]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by mail.digimed.co.uk (Postfix) with ESMTPSA id 5EC28745D3D for ; Thu, 25 Feb 2010 17:45:32 +0000 (GMT) Date: Thu, 25 Feb 2010 17:45:22 +0000 From: Neil Bothwick To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] rsync backup system Message-ID: <20100225174522.73157f24@zaphod.digimed.co.uk> In-Reply-To: <201002251741.13525.alan.mckinnon@gmail.com> References: <49bf44f10911190844i5cb77185me60d5eb44ff2bfc7@mail.gmail.com> <20100224205159.71dd79be@digimed.co.uk> <201002251741.13525.alan.mckinnon@gmail.com> Organization: Digital Media Production X-Mailer: Claws Mail 3.7.5cvs23 (GTK+ 2.18.7; x86_64-pc-linux-gnu) X-GPG-Fingerprint: 7260 0F33 97EC 2F1E 7667 FE37 BA6E 1A97 4375 1903 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org Mime-Version: 1.0 Content-Type: multipart/signed; micalg=PGP-SHA1; boundary="Sig_/UoAzh5mKDmNvbLeflU5XNS_"; protocol="application/pgp-signature" X-Archives-Salt: 53d63406-6c07-4a1b-b2aa-99b553b3b0f6 X-Archives-Hash: 8c25e5b464996f9814cc1751961f2a74 --Sig_/UoAzh5mKDmNvbLeflU5XNS_ Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On Thu, 25 Feb 2010 17:41:13 +0200, Alan McKinnon wrote: > And someone gets into your backup server, BANG! instant pwnage of every > single machine on your network. Heck, you don't even have to try and > compromise the local root account, you already have full unfettered > access to everything anyway. Which is why you don't allow access to the backup server from outside of the network, and restrict root access from inside. Because backups are initiated from the server, it doesn't actually need any ports open to do its job, although a web server is needed to run the user interface (which isn't necessary). The ebuild sets up a separate instance of Apache just for this, so even if you are already running Apache on the backup server (which is a crazy idea to start with) compromising that won't get you into the backups. > Worse, I'll bet the server software runs > as an unpriviledged user, so you can just bypass the bit where you have > to compromise root there as well. You lose :P The server runs as a restricted user, with no login shell. --=20 Neil Bothwick WinErr 042: Virus error - A virus has been activated in a dos-box. The virus, however, requires Windows. All tasks will automatically be closed and the virus will be activated again. --Sig_/UoAzh5mKDmNvbLeflU5XNS_ Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (GNU/Linux) iEYEARECAAYFAkuGtzsACgkQum4al0N1GQNopgCZAdctbax/Bz7mJVj8pb5LjDFi EXoAoKGVWnGerziKeE7AavOA/rJylJoE =gNWl -----END PGP SIGNATURE----- --Sig_/UoAzh5mKDmNvbLeflU5XNS_--