[GTALUG] Man deletes his entire company
Lennart Sorensen
lsorense at csclub.uwaterloo.ca
Fri Apr 15 17:40:05 EDT 2016
On Fri, Apr 15, 2016 at 05:12:40PM -0400, Alvin Starr wrote:
> For things like system backups you tend to have to run as root.
Often for some parts.
> Your backup device often has to be connected to the server. I have yet to
> see a backup media the magicaly gets data written to it while on the shelf.
> So once you have plugged in your back up media to backup and your backup
> program runs wild ... your kind of screwed.
That's why you have a rotation of backup devices. That way you still
have a backup while creating a new one. If your only backup is connected
to your system, then you have no backups at all.
> I kind of think it would be possible to use selinux to insure things like
> backups or system files cannot be deleted by accident.
>
> That would take some work to get right and I believe most systems run with
> selinux disabled.
> I know there are more than a few packages that I administer where they
> outright say the selinux must be disabled.
>
> Screwing up backup software is all too easy.
> I once worked for a computer company the sold systems to banks and for about
> a 3 month period a bug in the tape driver software was writing blank tapes.
> It was not discovered till a customer tried to restore something simple.
> Fortunately nobody needed to do a real restore of important data.
Well it isn't really a backup until it is verified either. Many people
skip that step. I certainly have at home in many cases.
> This company had a number of VERY smart people doing the coding but still
> silly errors crept through.
--
Len Sorensen
More information about the talk
mailing list