From owner-freebsd-security Thu Mar 8 10:27:21 2001 Delivered-To: freebsd-security@freebsd.org Received: from smtp1.sentex.ca (smtp1.sentex.ca [199.212.134.4]) by hub.freebsd.org (Postfix) with ESMTP id ED75737B718 for ; Thu, 8 Mar 2001 10:27:16 -0800 (PST) (envelope-from mike@sentex.net) Received: from simoeon.sentex.net (simeon.sentex.ca [209.112.4.47]) by smtp1.sentex.ca (8.11.2/8.11.1) with ESMTP id f28IRBW38962 for ; Thu, 8 Mar 2001 13:27:11 -0500 (EST) (envelope-from mike@sentex.net) Message-Id: <5.0.2.1.0.20010308130831.03074aa0@marble.sentex.ca> X-Sender: mdtpop@marble.sentex.ca X-Mailer: QUALCOMM Windows Eudora Version 5.0.2 Date: Thu, 08 Mar 2001 13:21:01 -0500 To: freebsd-security@freebsd.org From: Mike Tancsa Subject: "write only" fs/files ? Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org We are looking at a new network backup system and are throwing around a number of scenarios. We have a mix of co-location servers and want to provide a backup service to those who do not provide their own built in tape drives. One of the ideas thrown about was some sort of one way backup system on a large disk store. For UNIX users, rsync over ssh to a unique userID per server is one thought. For Win32 boxes, some combo of samba perhaps through PTPTP. One additional feature that would be nice to have would be to provide one way backups somehow. i.e. the client machine dumps its data to the backup server either into a dump file or tar file or sync'd file system via rsync. But, for security purposes, it would be nice to somehow mark that data once uploaded as being inaccessible to the client machine. This way if their box gets compromised after the backup, they dont have access to the data before it gets offloaded to tape. Comments ? ---Mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message