[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [rdiff-backup-users] Clarification of --restrict-update-only
From: |
Andrew Ferguson |
Subject: |
Re: [rdiff-backup-users] Clarification of --restrict-update-only |
Date: |
Thu, 5 Feb 2009 08:20:45 -0500 |
On Feb 5, 2009, at 8:13 AM, Dominic wrote:
The ones I think most interesting are first whether new repositories
can be created (logically yes, but does it work?), and second --
check-destination-dir (and automatic fixing of a previous failed
backup). Logically --check-destination-dir should work because the
action that rdiff-backup takes in this case is not a security risk
(it is only undoing a backup that has failed, and a malicious user
cannot use it to remove valid backups), but as it involves deleting
data on the server --restrict-update-only might prevent it. I guess
the best way to find out for sure is to create a failed backup and
try it...
Automatically repairing a failed backup will fail if you have --
restrict-update-only for exactly the reason Dominic describes. I have
thought this one through yet, but perhaps over the course of multiple
backup sessions, a malicious user could construct a source to fail in
a bad way when the repository tries to repair itself.
An administrator paranoid and involved enough to be using --restrict-
update-only is assumed to be vigilant enough to pay attention when
rdiff-backup has failed (since it will error and backtrace) and
manually intervene to repair the repository.
Regarding first creating new repositories, yes, I think that too will
be blocked. There was some discussion a few years ago about this: http://savannah.nongnu.org/bugs/?16897
... I don't remember what was resolved. I suppose we could add
os.mkdir() to the safe list.
Andrew
- Re: [rdiff-backup-users] Clarification of --restrict-update-only, (continued)
- Re: [rdiff-backup-users] Clarification of --restrict-update-only, John covici, 2009/02/04
- Re: [rdiff-backup-users] Clarification of --restrict-update-only, Chris G, 2009/02/04
- Re: [rdiff-backup-users] Clarification of --restrict-update-only, Jakob Unterwurzacher, 2009/02/04
- Re: [rdiff-backup-users] Clarification of --restrict-update-only, Dimi Paun, 2009/02/04
- Re: [rdiff-backup-users] Clarification of --restrict-update-only, Chris G, 2009/02/05
- Re: [rdiff-backup-users] Clarification of --restrict-update-only, Chris G, 2009/02/05
- Re: [rdiff-backup-users] Clarification of --restrict-update-only, Dominic, 2009/02/05
- Re: [rdiff-backup-users] Clarification of --restrict-update-only, Chris G, 2009/02/05
- Re: [rdiff-backup-users] Clarification of --restrict-update-only, Dominic, 2009/02/05
- Re: [rdiff-backup-users] Clarification of --restrict-update-only, Dominic, 2009/02/05
- Re: [rdiff-backup-users] Clarification of --restrict-update-only,
Andrew Ferguson <=
- Re: [rdiff-backup-users] Clarification of --restrict-update-only, Chris G, 2009/02/05
- Re: [rdiff-backup-users] Clarification of --restrict-update-only, Dominic, 2009/02/05
- Re: [rdiff-backup-users] Clarification of --restrict-update-only, Chris G, 2009/02/05
- Re: [rdiff-backup-users] Clarification of --restrict-update-only, Dominic, 2009/02/05
- Re: [rdiff-backup-users] Clarification of --restrict-update-only, Chris G, 2009/02/05
- Re: [rdiff-backup-users] Clarification of --restrict-update-only, Chris G, 2009/02/05