1 |
On Thu, 25 Feb 2010 17:41:13 +0200, Alan McKinnon wrote: |
2 |
|
3 |
> And someone gets into your backup server, BANG! instant pwnage of every |
4 |
> single machine on your network. Heck, you don't even have to try and |
5 |
> compromise the local root account, you already have full unfettered |
6 |
> access to everything anyway. |
7 |
|
8 |
Which is why you don't allow access to the backup server from outside of |
9 |
the network, and restrict root access from inside. Because backups are |
10 |
initiated from the server, it doesn't actually need any ports open to do |
11 |
its job, although a web server is needed to run the user interface |
12 |
(which isn't necessary). The ebuild sets up a separate instance of |
13 |
Apache just for this, so even if you are already running Apache on the |
14 |
backup server (which is a crazy idea to start with) compromising that |
15 |
won't get you into the backups. |
16 |
|
17 |
> Worse, I'll bet the server software runs |
18 |
> as an unpriviledged user, so you can just bypass the bit where you have |
19 |
> to compromise root there as well. |
20 |
|
21 |
You lose :P |
22 |
|
23 |
The server runs as a restricted user, with no login shell. |
24 |
|
25 |
|
26 |
-- |
27 |
Neil Bothwick |
28 |
|
29 |
WinErr 042: Virus error - A virus has been activated in a dos-box. The |
30 |
virus, however, requires Windows. All tasks will automatically be closed |
31 |
and the virus will be activated again. |