Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!usc!julius.cs.uiuc.edu!news.cs.indiana.edu!purdue!clt
From: clt@cs.purdue.EDU (Carrick Talmadge)
Newsgroups: comp.sys.next
Subject: Re: Don't backup from root !
Message-ID: <12886@medusa.cs.purdue.edu>
Date: 4 Jan 91 22:57:34 GMT
References: <7u98u2w163w@questor.wimsey.bc.ca> <BB.91Jan4011516@reef.cis.ufl.edu>
Sender: news@cs.purdue.EDU
Reply-To: clt@cs.purdue.edu (Carrick Talmadge)
Organization: Department of Computer Science, Purdue University
Lines: 53

In article <BB.91Jan4011516@reef.cis.ufl.edu> bb@reef.cis.ufl.edu (Brian Bartholomew) writes:
>lclarke@questor.wimsey.bc.ca (Lawrence Clarke) writes:
>> ...and mistakenly entered [...] which tried too backup the scsi drive
>> to the scsi drive, which deleted the filesystem.
>
>> Guess what ... Don't backup your hard disk to floppies if your signed
>> on as user root!
>
>> If you create another user with OPERATOR privledge, then this command
>> will not allow you too over write the filesystem.
>
>This is a nonesuch.  You are probably thinking of VMS.  Under UNIX,
>there is exactly one level of "privledge", which is called root.
>Either you have it, and are allowed to do anything, or you don't, and
>all the access control mechanisms apply.  The whole idea of the single
>privledge is to get away from the morass of special-cases and security
>holes that result from an overcomplicated security scheme.

I think that the above comments could use a bit of clarification.
The hard disk should have the following permissions:

    crw-r-----  1 root     operator  14,  0 Apr  5  1990 /dev/rsd0a

This gives group operator read permission to the hard drive, but not
write permission.  Thus, all you need to do to protect yourself from
accidently blowing away the file system on the hard disk is make the
person who is dumping the hard disk a member of group operator (but
*not* the super user!!!).  To make yourself a member of group operator,
first "su" to root, and then type:

    nidump . group | grep operator > #operator

The file #operator should contain only the line

    operator:*:9:root

Modify this line to read

    operator:*:9:root,me
 
[substitute your desired priveledged account name(s) for "me"], then type

    niload . group < #operator

You can alternatively use "NetInfoManager" to perform this task.
I would recommend never backing up your files as root just to
protect yourself from the above happenstance.  I would also
recommend following Brian Bartholomew's suggestion of automating
the backup and restore process using shell scripts.

Carrick Talmadge
clt@physics.purdue.edu
clt@hercules.cs.purdue.edu