Xref: utzoo comp.unix.internals:2559 comp.unix.admin:1620 Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!swrinde!cs.utexas.edu!ut-emx!ibmchs!auschs!awdprime!sanders.austin.ibm.com!sanders From: sanders@cactus.org (Tony Sanders) Newsgroups: comp.unix.internals,comp.unix.admin Subject: Re: Unix security additions Message-ID: <6783@awdprime.UUCP> Date: 17 Apr 91 23:20:39 GMT References: <1991Mar22.024124.3238@ec <1092@mwtech.UUCP> <19208@rpp386.cactus.org> Sender: news@awdprime.UUCP Reply-To: Tony Sanders Followup-To: comp.unix.internals Organization: IBM AWD, Austin Lines: 20 Originator: sanders@sanders.austin.ibm.com >In article <1092@mwtech.UUCP> martin@mwtech.UUCP (Martin Weitzel) writes: >>backups. Now I complain: This is really bad - I don't trust these people and >>fear they will use their privilegded account to sneak into other user's files. What if the backup/restore utilities on the "secure" system used an encryption scheme before writting to tape (like dump|crypt|dd of=/dev/mt, assuming each dump will fit on a single tape). Then tapes written on the "secure" system could only be read back by the corresponding restore utility on that system. You must of course secure the new backup/restore utilities from them but that's just SOP. Restoring the information on an insecure system would be useless, you have to have the password to use it. I'm a little behind in this group, pardon me it's this has already been mentioned. -- sanders@cactus.org I am not an IBM representative, I speak only for myself. I have a wonderful proof that emacs is better than vi, unfortunately this .sig is too small to contain it.