From owner-freebsd-ports@FreeBSD.ORG  Thu Jul 28 23:54:54 2005
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
X-Original-To: freebsd-ports@freebsd.org
Delivered-To: freebsd-ports@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 616F816A41F;
	Thu, 28 Jul 2005 23:54:54 +0000 (GMT)
	(envelope-from lavalamp@spiritual-machines.org)
Received: from mail.digitalfreaks.org (arbitor.digitalfreaks.org
	[216.151.95.158])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 1473F43D49;
	Thu, 28 Jul 2005 23:54:53 +0000 (GMT)
	(envelope-from lavalamp@spiritual-machines.org)
Received: by mail.digitalfreaks.org (Postfix, from userid 1022)
	id 0C45131980B; Thu, 28 Jul 2005 19:54:53 -0400 (EDT)
Received: from localhost (localhost [127.0.0.1])
	by mail.digitalfreaks.org (Postfix) with ESMTP id 0AEE131F406;
	Thu, 28 Jul 2005 19:54:53 -0400 (EDT)
Date: Thu, 28 Jul 2005 19:54:52 -0400 (EDT)
From: "Brian A. Seklecki" <lavalamp@spiritual-machines.org>
X-X-Sender: lavalamp@arbitor.digitalfreaks.org
To: freebsd-ports@freebsd.org
Message-ID: <20050728193334.P7262@arbitor.digitalfreaks.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: Phil Homewood <pdh@bne.snapgear.com>, jeh@FreeBSD.org
Subject: misc/amanda /  Users
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Jul 2005 23:54:54 -0000


all, re: ports/73956

...although the approach used in this PR is a great improvement, should we 
really be defaulting to using 'operator:backup' if no user is set?

Won't that encourage people to unlock the operator account by assigning it 
a valid shell, or even a password?

It's unlikely people will take the high ground and execute all Amanda 
commands from sudo(8).

Aren't there hooks for creating psuedo accounts in Ports?  For example, in 
NetBSD pkgsrc there's a PKG_USERS and PKG_GROUPS that can be assigned with 
low UID values.  If so, why not default to creating an 'amanda' or 
'backup' user in the secondary group operator?

It's just that Amanda has some serious fudemental security issues as it is 
(no offense to them, it works well), such RHosts style authentication, 
depedency on inetd/xinetd, and lack of inline network encryption.  I just 
think we should be more proactive; I think even recent versin of Redhat 
ship it with an amanda user.

---

 	Also, we should probably add a pkg-message for the client and 
server mentioning required entries in inetd.conf(5), or is the thinking 
here that Amanda is so involved that people are going to refer to the docs 
anyway?

P.S., this would be an excellent use for the IPSec hooks in inetd(8).

~BAS


l8*
 	-lava