[OpenAFS] OpenAFS Security Releases 1.8.2, 1.6.23 available -->
butc & backup security update question --> why only root?
Giovanni Bracco
giovanni.bracco@enea.it
Thu, 27 Sep 2018 15:11:03 +0200
I have made some tests - ok it works - but I wonder why the key
autentication method is allowed only to root user
> -localauth
> All butc RPCs require superuser authentication.
> This option must be run as root, and server key material must be present.
Our backup scripts, which have been running on a dedicated server for
many years, run under a dedicated user with administrative powers.
Why the availability of a admin token is not sufficient to run butc in a
secure way?
Giovanni
On 13/09/2018 22:51, Mark Vitale wrote:
>
>
>> On Sep 13, 2018, at 2:37 PM, Jeffrey Altman <jaltman@auristor.com> wrote:
>> <snip>
>> In the case of OPENAFS-SA-2018-001.txt, both 'butc' and 'backup' (or
>> 'afsbackup' as it is installed on some systems) must be at least:
>>
>> * AuriStorFS v0.175
>> * OpenAFS 1.8.2
>> * OpenAFS 1.6.23
>>
>> <snip>
>>
>> As of the releases above, the 'butc' service (by default) will not only
>> accept authenticated connections but will require that the authenticated
>> identity be a super-user as reported by the butc host's "bos listusers"
>> command.
>
> A small correction: the OpenAFS 'butc' does not do this by default.
> Instead, it forces the operator to specify one of the following options:
>
> -localauth
> All butc RPCs require superuser authentication.
> This option must be run as root, and server key material must be present.
>
> -allow_unauthenticated
> All butc RPCs remain unauthenticated.
>
>
> Regards,
> --
> Mark Vitale
> mvitale@sinenomine.net
>
>
>
--
Giovanni Bracco
phone +39 351 8804788
E-mail giovanni.bracco@enea.it
WWW http://www.afs.enea.it/bracco