|
From: | Blair Zajac |
Subject: | Re: [rdiff-backup-users] 1.1.2 restore error with readonly backup |
Date: | Sat, 12 Nov 2005 19:41:10 -0800 |
User-agent: | Mozilla Thunderbird 1.0.7 (X11/20051013) |
Ben Escoto wrote:
Blair Zajac <address@hidden> wrote the following on Mon, 07 Nov 2005 21:19:13 -0800Trying to restore from an rdiff-backup created by root as my normal user, I got this stack trace:...Is there a bug here in the logging code? Without the -v 9, I didn't get any message that something was wrong.Yes, I think there is a bug in the error code, I will look at it. But Sheldon Hearn is right, there is an issue with the setup you are attempting (but I wouldn't call it a "bug" exactly). The problem is that there are probably some files in the repository that you have insufficient permissions to read as the non-root user.
Yes, it appears that the problem is that rdiff-backup's data directory is 700, which prevents normal users from reading it.
I'm guessing that this is this intended? I would be nice for it to be 755 by default, to allow non-root users restore backups themselves.
However, from a security point of view, what kind of data are they getting access to that they should not have? The actual backup files and directories have the same permissions as the original, so there's no gained visibility. Is it just potentially a list of the files that were backed up? Could the incremental data have the file permissions as the original?
Regards, Blair -- Blair Zajac, Ph.D. <address@hidden> Subversion and Orca training and consulting http://www.orcaware.com/svn/
[Prev in Thread] | Current Thread | [Next in Thread] |