The backup files belong to "nobody" and contain files
like /etc/shadow and the private ssh key that are
intended to be readable only for root.
POC:
# cd /home/httpd/html/backup
# ls -l *.gz
-rw-r--r-- 1 nobody nobody 601789 2005-10-07 00:32
ipcop.tar.gz
root@ipcop:/home/httpd/html/backup # tar tvfz ipcop.tar.gz
-rw-r--r-- root/root 542 2005-10-07 00:24:39
etc/passwd
-r-------- root/root 356 2005-01-25 09:25:21
etc/shadow
...
-rw------- root/root 668 2005-01-25 09:49:36
etc/ssh/ssh_host_dsa_key
Suggested Fix: Keep only the encrypted backup and
secure access to the backup key. see also:
https://sourceforge.net/tracker/index.php?func=detail&aid=1344032&group_id=40604&atid=428516
Logged In: YES
user_id=691649
We will attempt to remove unencrypted backup on the
release after 1.4.10.
This necessitate many changes
- we need to be able to export backup.key on a secure way
like to floppy or usb key,
- we have to evaluate modifications to the installer to
accomodate those changes (restore backup.key encrypted
with password, restore backup from web backup or from usb
key)
Logged In: YES
user_id=1041094
Most of the work described by Gilles is ready.
Noboby can't create backup,
The key is available to root user only,
Backup.dat (crypted) usable at install stage,
stored on USB-storage device.