restrict option
Post restrict option 
Dear All,

I have been trying out rdiff-backup 0.12.16 and it looks really nice. I
do, however, have some problems using the --restrict option which I
don't fully comprehend.

The setup I'm using is that I let the client initiate the connection to
the backup server. I've put command="rdiff-backup --server --restrict
/home/archive/ake/" in authorized_keys2. Then the following happens:

$ rdiff-backup test backup-server::/home/archive/ake/
[...]
Warning Security Violation!
Request to handle path /home/archive/ake/rdiff-backup-data
which doesn't appear to be within restrict path /home/archive/ake/.

This doesn't make any sense to me since obviously
/home/archive/ake/rdiff-backup-data is within restrict path
/home/archive/ake/. Trying to backup to a subdirectory of
/home/archive/ake doesn't resolve the problem, and neither does adding
--restrict /home/archive/ake/ on the client side.

The second problem I have is that I can restore files from outside the
restricted path. For example,

$ rdiff-backup --restrict /home/archive/ake/ -r now
backup-server:test-backup/file1 test/file1

works although /home/archive/test-backup is clearly not within restrict
path /home/archive/ake/.


Any thoughts on this problem would be appreciated. Am I missing
something obvious?

Sincerely,
Ake Brannstrom

Post restrict option 
Åke Brännström <ake.brannstrom < at > math.umu.se>
wrote the following on Thu, 15 Jan 2004 11:32:53 +0100

> I have been trying out rdiff-backup 0.12.16 and it looks really nice. I
> do, however, have some problems using the --restrict option which I
> don't fully comprehend.
>
> The setup I'm using is that I let the client initiate the connection to
> the backup server. I've put command="rdiff-backup --server --restrict
> /home/archive/ake/" in authorized_keys2. Then the following happens:
>
> $ rdiff-backup test backup-server::/home/archive/ake/
> [...]
> Warning Security Violation!
> Request to handle path /home/archive/ake/rdiff-backup-data
> which doesn't appear to be within restrict path /home/archive/ake/.

The basic --restrict option should work---is it possible it doesn't
like your trailing '/' on '/home/archive/ake/'? It could be a silly
bug like that.

> The second problem I have is that I can restore files from outside the
> restricted path. For example,
>
> $ rdiff-backup --restrict /home/archive/ake/ -r now
> backup-server:test-backup/file1 test/file1
>
> works although /home/archive/test-backup is clearly not within restrict
> path /home/archive/ake/.

Ouch, this is more serious. Can you verify that the server is really
being run with the proper --restrict option? Adding a --restrict
option to the client doesn't do anything (the idea being that an
attacker wouldn't be so polite as to make sure he typed that in). You
can though use the --remote-schema option, as in:

rdiff-backup --remote-schema 'ssh %s rdiff-backup --server --restrict /home/archive/ake' -r now backup-server:test-backup/file1 test/file1


--
Ben Escoto
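
Added example, not part of the thread and not rdiff-backup's own code: a path-containment check of the kind --restrict has to perform, run against the paths from both reports. `naive_within` is a hypothetical fragile check that would produce the trailing-slash symptom Ben suspects; `within_restrict`, the `SERVER_CWD` value and the two extra sample paths are assumptions made for illustration.

```python
import posixpath

RESTRICT = "/home/archive/ake/"   # restrict path as written in the thread
SERVER_CWD = "/home/archive"      # assumed working directory of the server process


def naive_within(restrict, requested):
    """Hypothetical fragile check: raw string prefix, nothing normalized."""
    return requested == restrict or requested.startswith(restrict + "/")


def within_restrict(restrict, requested, cwd=SERVER_CWD):
    """Normalize both sides, then compare whole path components."""
    base = posixpath.normpath(restrict)            # drops the trailing "/"
    if not posixpath.isabs(base):
        raise ValueError("restrict path must be absolute")
    # A relative request is resolved against the server's working directory
    # before the comparison; normpath also collapses ".." segments.
    # On a real filesystem use realpath() so symlinks are resolved as well.
    target = posixpath.normpath(posixpath.join(cwd, requested))
    return posixpath.commonpath([base, target]) == base


def check_samples():
    """Run both checks over constructed request paths."""
    samples = [
        "/home/archive/ake/rdiff-backup-data",     # inside (first report)
        "test-backup/file1",                       # relative, outside (second report)
        "/home/archive/ake/../test-backup/file1",  # ".." escape
        "/home/archive/ake2/file1",                # sibling sharing a string prefix
    ]
    return [(p, naive_within(RESTRICT, p), within_restrict(RESTRICT, p))
            for p in samples]


if __name__ == "__main__":
    for path, naive, strict in check_samples():
        print(f"{path!s:45} naive={naive!s:5} normalized={strict}")
```

With the trailing slash the naive check rejects even the legitimate rdiff-backup-data path, and without it the same check accepts the ".." path, which is why the comparison has to be made on normalized components.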
