Re: tar or zipping files to which you have no explicit access?

From: Al Dunbar [MS-MVP] (alan-no-drub-spam_at_hotmail.com)
Date: 04/11/04


Date: Sun, 11 Apr 2004 10:14:27 -0600

Interesting... no technical answers here, just comments on the political
aspects...

"Tom Rodman" <Use-Author-Address-Header@[127.1]> wrote in message
news:200404110905.i3B957Ns006462@tigris.pounder.sol.net...
> How can we "zip up" or tar
> users' directories to a single archive file. We
> do NOT want to limit the access rights end users can assign to their
> objects. After archiving the objects into a single
> tar or zip file we want to be able to restore them preserving
> original ownership and ACLs.

Depends on whether or not the users desire you to be able to perform these
backups. If they do and your only recourse is that you must have access to
the files they do not want you to have access to, the problem is quite
simple: they just sign a waiver to the effect that they will take full
responsibility to do their own backups to prevent loss (assuming that is the
purpose of the backups, and it is not simply to migrate from one server to
another, for example).

> We've tried granting ourselves the right to
>
> "backup files and directories"
> "restore files and directories"
>
> The show-stopper has been "Permission denied" errors on files
> for which we have no access rights - these could not be added to
> the tar archive.
>
> We're looking for a no cost solution using our free open source tools. My
> guess is the solution involves granting the process
> creating the backup file archive the proper rights.
>
> Clearly ntbackup can do this- but it only archives to tapes;
> if ntbackup could archive/restore to/from a file that would be
> fine - but it can not.
>
> why we do not want to restrict the permissions our end
> users assign to their own objects:
>
> o eventually there will be users that violate the rules, and or insist
> that they be allowed to do so. This can get
> political - you can not / will not always win political skirmishes.
> System admins are not always treated like gods by management.

System admins are NOT gods, and should not be treated as such. They are
humans, and, as such, need both the tools required to do the job (i.e. they
cannot do magic), AND they need some protection from the liabilities that
come with having system-level access to sensitive client information.

> o IMHO users may have a valid reason for *not* granting the administrators
> access to an object. Why should they be forced to? Our users are software
> developers, perhaps they need to have very strict permissions for code test
> cases. End users deserve respect, they pay for us with their work.

In that case, they must accept that you will either have the privs to backup
their files, or you will NOT backup their files. This is not a decision to
be made by you, but by them. And they need to realize that, having withheld
the privs to do the backups, they cannot hold you responsible for loss of
their work.

> o This attitude that users should not be able to permissions to objects
> they own to whatever they want is IMHO arrogant, arrogant consistent
> with the worst of "Microsoft culture".

Disagree. If our users were able to modify access permissions, they would
screw things up so badly that files would be lost, AND permitted
inadvertently to the WRONG people. NTFS permissions are NOT for the
untrained.

> In contrast UNIX has no such
> constraints - tools exist for "root" to backup all objects to a non-tape
> archive regardless of their permissions or acls.
>
> o I can give you a specific example where a production database requires a
> all objects below a given directory have an explicit ACL value
> that does *not* include system or administrators. If an object is
> changed to include either of the above groups, then the application
> will not work- at some point it will self repair by resetting all
> the permissions on the tree so that these groups are removed.

Then, of course, that application does all of its own rock-solid backups,
does it not?

> o another example is cygwin's ssh client, for each ssh end user, their
> $HOME/.ssh/ dir should be set for access *only* by the user, no access - not
> even read or execute to anyone else. I may not be entirely correct
> on this one, but I know the permissions on ~/.ssh/ are quite strict
> by design (it's a "secure shell" after all).
>
> o NTFS has an incredibly rich permissions capability - more so than UNIX.
> To insist that administrators or system have full control to every object
> "dumbs down" this richness and seems to contradict its design.

Partly agreed. But if admins do not have full access, the proper application
of data security will be left to the untrained, and there will be NO way to
determine its effectiveness.

> Any help would be appreciated; pls post *and* also e-mail me.

Sorry, I am only posting.

/Al


