[Dirvish] Dirvish and GPG
Lynoure Braakman
lynoure at gmail.com
Sun May 25 05:32:36 UTC 2008
On Sun, May 25, 2008 at 6:25 AM, Jon Radel <jon at radel.com> wrote:
> I fear I may be missing something? What keeps the person who tampers with
> the files from creating a new SUMS file and messing with its times unless
> you force a human to enter passphrases after every backup? Now, admittedly,
> if you configure something like SELinux with great care, you can make
> twiddling the SUMS file after the fact very difficult, but if you do that,
> you could probably make it equally difficult to tamper with the backups in
> the first place.
Keeping it offline, separate from the backups, does. Usb sticks you
never let out of your site, or even encrypted media. Talking about
encrypted media, on can also backup to one, making sophisticated
tampering without a passphase practically impossible.
--
Lynoure Braakman
Freelance sysadmin
More information about the Dirvish
mailing list