From owner-freebsd-security Thu Jan 20 11:20:33 2000 Delivered-To: freebsd-security@freebsd.org Received: from cc942873-a.ewndsr1.nj.home.com (cc942873-a.ewndsr1.nj.home.com [24.2.89.207]) by hub.freebsd.org (Postfix) with ESMTP id 589E515386 for ; Thu, 20 Jan 2000 11:20:28 -0800 (PST) (envelope-from cjc@cc942873-a.ewndsr1.nj.home.com) Received: (from cjc@localhost) by cc942873-a.ewndsr1.nj.home.com (8.9.3/8.9.3) id OAA73177; Thu, 20 Jan 2000 14:22:04 -0500 (EST) (envelope-from cjc) Date: Thu, 20 Jan 2000 14:22:04 -0500 From: "Crist J. Clark" To: Robert Mooney Cc: cjclark@home.com, NoCoN FLiC , jonf@revelex.com, freebsd-security@FreeBSD.ORG Subject: Re: ssh. Message-ID: <20000120142204.C72914@cc942873-a.ewndsr1.nj.home.com> Reply-To: cjclark@home.com References: <20000120104418.A72685@cc942873-a.ewndsr1.nj.home.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: ; from rmooney@iss.net on Thu, Jan 20, 2000 at 01:46:52PM -0500 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, Jan 20, 2000 at 01:46:52PM -0500, Robert Mooney wrote: > > You don't have to use root for remote backups. Granted, if someone > compromises your backup account, you're in serious trouble enough, > assuming the account has read access to your drive devices. But it's > still somewhat better than using root. I was not completely clear. The machine that does the dump does not require root, the machine that receives it does. The receiving machine, restore(8)s the dump. The second machine is a backup for the first, so it keeps a "live copy" of the other's filesystem. In order to do this, the account needs root privileges. -- Crist J. Clark cjclark@home.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message