From owner-freebsd-security Thu Mar 8 13:45:56 2001 Delivered-To: freebsd-security@freebsd.org Received: from smtppop3pub.verizon.net (smtppop3pub.gte.net [206.46.170.22]) by hub.freebsd.org (Postfix) with ESMTP id 4740537B71A for ; Thu, 8 Mar 2001 13:45:53 -0800 (PST) (envelope-from res03db2@gte.net) Received: from gte.net (evrtwa1-ar4-4-34-145-186.dsl.gtei.net [4.34.145.186]) by smtppop3pub.verizon.net with ESMTP ; id PAA126542646 Thu, 8 Mar 2001 15:41:01 -0600 (CST) Received: (from res03db2@localhost) by gte.net (8.9.3/8.9.3) id NAA49853; Thu, 8 Mar 2001 13:45:48 -0800 (PST) (envelope-from res03db2@gte.net) Date: Thu, 8 Mar 2001 13:45:48 -0800 From: Robert Clark To: Mike Tancsa Cc: freebsd-security@FreeBSD.ORG Subject: Re: "write only" fs/files ? Message-ID: <20010308134548.B49818@darkstar.gte.net> References: <5.0.2.1.0.20010308130831.03074aa0@marble.sentex.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.4i In-Reply-To: <5.0.2.1.0.20010308130831.03074aa0@marble.sentex.ca>; from mike@sentex.net on Thu, Mar 08, 2001 at 01:21:01PM -0500 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org It would be nice to figure out what it would take to "flatten" a windows filesystem so that you'd feel comfortable everything could be restored. (Except for the positional dependent files.) I've seen this done on W98, but not anything later. Of course, it'd be nice to be able to do the same sort of thing with UNIX as well. (Not much to do I know.) [RC] On Thu, Mar 08, 2001 at 01:21:01PM -0500, Mike Tancsa wrote: > > We are looking at a new network backup system and are throwing around a > number of scenarios. We have a mix of co-location servers and want to > provide a backup service to those who do not provide their own built in > tape drives. One of the ideas thrown about was some sort of one way backup > system on a large disk store. For UNIX users, rsync over ssh to a unique > userID per server is one thought. For Win32 boxes, some combo of samba > perhaps through PTPTP. > > One additional feature that would be nice to have would be to provide one > way backups somehow. i.e. the client machine dumps its data to the backup > server either into a dump file or tar file or sync'd file system via > rsync. But, for security purposes, it would be nice to somehow mark that > data once uploaded as being inaccessible to the client machine. This way > if their box gets compromised after the backup, they dont have access to > the data before it gets offloaded to tape. > > Comments ? > > ---Mike > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message