Date: Mon, 12 Jan 1998 14:29:56 -0600 (CST) From: Mark Tinguely <tinguely@plains.NoDak.edu> To: dlr@insane.asylum.org, questions@FreeBSD.ORG Subject: Re: Remote dump Message-ID: <199801122029.OAA21370@plains.NoDak.edu>
next in thread | raw e-mail | index | archive | help
> As i look into this more it seems like an increased security risk. Is there
> another way of doing it? I have one 8mm exabyte tape drive and would like to
> backup three freebsd boxes without totally leaving the network wide open. I've
> got sshd and tcp_wrappers installed and working also. Perhaps the best solution
> would be to have each machine have it own backup...
I use a seperate non-priviledged account and group (remtape) on the tape server
and backup clients. remtape account on all machines have an invalid passwords
("*" in the password field in the file master.passwd) . I changed the
permissions on /sbin/rdump to be set-uid to root and ONLY executable by root
and the remtape group (setting the uid to root opens a security hole, so
restrict this to remtape). change the ownership of /etc/dumpdates to
remtape.remtape. The raw devices that need to be backed up are readable by
the remtape group. If you want to tighten the security holes, a person can
limit the lifetime of the .rhosts files (listed below), put a restricted shell
on remtape, or put a network wrapper on the remote shell facility.
The rematape account on each client machine has the .rhosts entry of:
tape_server.domain remtape
On the tape server machine, the .rhosts for remtape is available for the
time of the backup (cron just before running the backup from cron). This
could be done on the clients as well.
the advantage of using a non-priviledged account over rhost-ed root accounts
is if for some reason someone does comprimised your remtape account they
could at worse read your drives, but they can't trash your system (unless they
crack your /etc/master.passwd passwords after, but then you could argue they
could snoop the net while backup was in progress and do the same thing).
--mark.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199801122029.OAA21370>