|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Joe Glass (joe
glass.cl.msu.edu)Date: Fri Aug 17 2001 - 12:13:28 CDT
More importantly, you could run a command as root on any box that is
backed up by Arkeia. (I'm sure you already know this, but it wasn't
completely clear in this e-mail). I forwarded your e-mail to the Arkeia
userlist. It seems as though the moderators at Knox don't let these
e-mails show up on their userlist though. I forwarded the last security
issue that was talked about on bugtrack to the userlist serveral times,
but it never appeared. Which doesn't make sense to me.
> ##Implications
> the password (effectively a root password) once you have access through
> the gui, you have the possibility of running a command from the gui
> before and after the backup job. This command is run as root and can be
> anything. Therefore you have full access to the box to do with as you
> please.
-- Joe Glass Technical Support Services, Michigan State University phone: 517-355-4500 x240 e-mail: joe
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]