Re: using dump for backups.

From: Rob Simmons (rsimmons@wlcg.com)
Date: 10/22/01


Date: Sun, 21 Oct 2001 21:28:18 -0400 (EDT)
From: Rob Simmons <rsimmons@wlcg.com>
To: Hassan Halta <hassan@cs.earlham.edu>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Using dump locally to a tape, or other device is safe. Using rdump and
enabling rsh on a remote machine to dump to a device on that machine can
be unsafe due to rsh, not dump itself.

If you need to dump to a remote device, you can use ssh to make it safer.
You can also look into using Amanda, which can use Kerberos to make the
remote dumps safer as well. Amanda can use tar as well. As far as Amanda
is concerned, dump and tar are interchangeable. Also, unfortunately the
port for Amanda in the ports collection does not have options for
Kerberos. You will need to look at the configure options to Amanda, and
extract the proper configure switches, and add them yourself to
CONFIGURE_ARGS (of course, after adding MAKE_KERBEROS4=yes to your
make.conf).

As far as I know, Amanda only works with krb4, not krb5 yet. I could be
wrong.

Robert Simmons
Systems Administrator
http://www.wlcg.com/

On Sat, 20 Oct 2001, Hassan Halta wrote:

> Hi all,
>
> I was thinking of using dump/restore way to backup files on the system. I
> heard sometime ago that FreeBSD dump was insecure. So, I am wondering if
> this is still the case, and how insecure it is, or what the fixes for it?
> I would like to know more about it if possible,
>
> Thanks a lot,
>
> Hassan
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE703Y2v8Bofna59hYRAyw7AKC9pbK095BRUUn+Scv7co5DXCI6awCcCot0
tpLnAyKAkx5sWuFc92iC9i0=
=64an
-----END PGP SIGNATURE-----

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message