On Wed, Jun 27, 2007 at 02:51:25PM +0100, Stroller wrote: > Hi there, > [clip] > Does anyone have any thoughts on this, please? > > I have read of zsync which allows only the changes in a large single > file to be propagated but I'm not really sure if it's suitable for > these purposes. > > Thanks in advance for any suggestions, > > Stroller.
Off the top of my head I can think of two different ways you can store the files that would keep them safe. CryptFS One put all of the backups on an encrypted partition. Only mount that partition when you're ready to do a backup (that mighty require someone to login on their own and start it however). RBAC This may time more time to get a machine setup, but grsec is really good at ACLs. Setup a dedicated user and with GRSEC allow only that one user to access whatever directory you place your backups in. This is another layer of security, so even if they get the root account, they still don't have access to that directory. They will have to use the gradm password to elevate themselfs to get at it (use a complex password for gradm :) ). Basically everything here will help out (includes a quick pointer on RBAC) http://www.gentoo.org/proj/en/hardened/grsecurity.xml Hope that helps -Rick > -- > [EMAIL PROTECTED] mailing list -- [EMAIL PROTECTED] mailing list
