Am 11. Aug, 2003 schw=E4tzte Craig White so:

> My setup of SpamAssassin must have kicked in a gear because for the past
> 2 days, I wasn't getting any email from PLUG or from some other mail
> lists such as various RedHat lists etc. I shut off spamassassin for the
> time being because I don't have time to figger out what is happening.
>
> Anyway, I am pushing myself to learn amanda - (time consuming devil it
> is) and am wondering about the sensibility of some of the things that I
> am doing.
>
> 1 - I was getting tired of prefacing all my commands with the /usr/sbin
> prefix so I created a .bash_profile and put the various paths
> /usr/bin:/usr/sbin:~/bin so I can be lazy (sort of like being root).
> Does this represent a security problem?

I always setup my $PATH to have all the sbin dirs. It's not a security
problem. Keep '.' out of your $PATH. If you have to have it in there make
sure it's the last entry.

> 2 - Perhaps more basic - the user amanda is used to run the various
> programs - mostly /usr/sbin/amdump with is setuid root and obviously
> amanda uses a bash shell whereas most of the 'daemon' users don't have a
> login shell (for obvious reasons). How much of a security issue is this?
>
> 3 - Perhaps this is more philosophical...why does all tape backup
> software suck?

Careful, the mtx maintainer's on our list ;-).

Backups are very touchy and I bet most people don't want to be on the spot
when a restore doesn't work.

I still say that backup software is the one place where I see reason to use
proprietary software: you want someone to pin if something goes wrong.

That said, it would be better to be able to purchase support for a Free
Software backup package.

Amanda's a bit of a pain to setup, but I found it useful.

ciao,

der.hans

PS: I am no longer working for a backup software vendor, so no conflicts of
interest on the above.
--=20
#  https://www.LuftHans.com/    http://www.AZOTO.org/
#  Schlie=DFlich verteidigt Amerika Freiheit. Und Freiheit beginnt mit dem =
Wort.
#    -- Gunter Grass