Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!mnetor!uunet!seismo!gatech!bloom-beacon!think!ames!ucbcad!ucbvax!jade!saturn!ucscc.UCSC.EDU!haynes From: haynes@ucscc.UCSC.EDU.ucsc.edu (99700000) Newsgroups: comp.unix.wizards Subject: Re: UNIX classified operation - (nf) Message-ID: <533@saturn.ucsc.edu> Date: Thu, 9-Jul-87 15:56:27 EDT Article-I.D.: saturn.533 Posted: Thu Jul 9 15:56:27 1987 Date-Received: Sun, 12-Jul-87 15:49:49 EDT References: <175@uw-apl.UUCP> <8300007@iaoobelix.UUCP> <1110@rayssd.RAY.COM> <1894@oliveb.UUCP> Sender: usenet@saturn.ucsc.edu Reply-To: haynes@ucscc.UCSC.EDU (Jim Haynes) Organization: California State Home for the Weird Lines: 17 > >Actually you should consider making them mode 640, owned by root and >with group set to the group your operators are in. This allows them to >do dumps without being root. Of course this depends on the procedures >you use for backup but it can add an extra measure of security. Or, it can detract from security if people can find a way to get into the operator group when they don't belong there. (e.g. they learn some operator's password). What we did instead is to have a 'backup' account on the machine that the operators log into when they are going to do backups. The dump program is hacked so that it runs setuid root, but drops privileges if the uid running it is not that of 'backup' . haynes@ucscc.ucsc.edu haynes@ucscc.bitnet ..ucbvax!ucscc!haynes