[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bacula-devel] Bacula and security.


On Mar 17, 2008, at 5:31 PM, Sebastian Petruczynik wrote:

> Hello!
> I have the question to you in relation to the security.
>
> Let us assume the hypothetical situation that somebody is breaking  
> into
> to the workstation on which the backup is being done.
> There is a configuration file of the bacula client in which the  
> password
> of the bacula storage is there after all.

This is incorrect.

The password on a bacula client is for bacula-fd.  It is used by
bacula-dir to contact the bacula-fd.

I think this renders the rest of the questions moot.

> Whether if somebody installed the bacula director on this station,
> could he this way configure the whole in order to recover the  
> backup on
> the other workstation,
> on which the backup is also being done?
>
> Or if I am using TLS encoding and the hacker could not install the
> director (because there is no signed certificate)
> whether could having the certificate in the customer somehow or  
> other to
> control the bacula storage?
> I mean uncovering the communications protocol out between the bacula
> client and the bacula storage here.


-- 
Dan Langille -- http://www.langille.org/
dan@xxxxxxxxxxxx





-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Bacula-devel mailing list
Bacula-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/bacula-devel


This mailing list archive is a service of Copilotco.