1 |
>> > You have to grant root rsync access to the backuppc user on the |
2 |
>> > server. |
3 |
>> |
4 |
>> Isn't that a gaping security hole? I think this amounts to granting |
5 |
>> the backup server root read access (and write access if you want to |
6 |
>> restore) on each client? |
7 |
> |
8 |
> How can you backup system files without root read access? You are granting |
9 |
> this to s specific user, one without a login shell, on the server. |
10 |
|
11 |
If the backup server is infiltrated, the infiltrator would have root |
12 |
read access to each of the clients, correct? If the clients push to |
13 |
the backup server instead, their access on the server can be |
14 |
restricted to the backup directory. |
15 |
|
16 |
- Grant |