[Veritas-bu] User Restores?
2006-09-06 17:16:01
The can't exceed their unix permissions on the restore, so, in general,
they can't overwrite the kernel.
The "bprestore" tool runs as their unix UID.
There used to be a problem where no group other than their primary group
was considered but I don't know if that's still a problem. (for
example: User could restore files to a directory that had group write
for their primary GID in /etc/password but they couldn't restore files
to a dir that was group-perm'd to allow a secondary group from
/etc/group to write there.)
-M
-----Original Message-----
From: veritas-bu-bounces at mailman.eng.auburn.edu
[mailto:veritas-bu-bounces at mailman.eng.auburn.edu] On Behalf Of Martin,
Jonathan (Contractor)
Sent: Wednesday, September 06, 2006 2:35 PM
To: Veritas-bu at mailman.eng.auburn.edu
Subject: [Veritas-bu] User Restores?
Is there any feature of NBU that would allow users to restore their own
data? I suppose we could give them access to the restore GUI, but they
could then restore any file to any location, which is a major security
issue. (Whoops, did I just overwrite the kernel?) Is there some sort
of way we could give users the ability to restore their own data without
the DLO option?
-Jonathan
_______________________________________________
Veritas-bu maillist - Veritas-bu at mailman.eng.auburn.edu
http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
|
|
|