mailing list archives
Re: Irix tape devices + logs + su
From: v13 () AETOS IT TEITHE GR (Harhalakis Stefanos)
Date: Sun, 20 Dec 1998 02:44:36 +0200
On Fri, 18 Dec 1998 Valdis.Kletnieks () VT EDU wrote:
On Thu, 17 Dec 1998 09:39:11 +0200, you said:
entry in root's .cshrc)). So it is possible to have those devices with
mode 644 or even 666, which is bad news, because anyone could use
xfsrestore to get any file.
Possibly an issue. Remember that they still need physical access to
the tape and the tape drive. xfsrestore isn't set-UID, so a user
can't extract files with a different owner unless they get root first.
I'd worry more about someobdy doing an 'mt rewindoffline' to screw up
a running tape job.
You can restore the files to a different location, than the original.
xfsrestore will give you files like the shadow with pleasure. (It is as
safe, as having the hard disk devices with o+rw permissions. :) An
attacker needs to know, only the time you use to backup your / partition
(any incremental level can be forced to backup /etc/shadow, by simply
changing your password)
Computer Systems Senior Engineer