Hacker News new | past | comments | ask | show | jobs | submit login

This is still open to abuse in the form of your legitimate backup script being disabled and replaced by one uploading false backups. You wouldn't know anything has happened until you go to restore from one.

Of course, this is an edge case, but I believe setting up a pull-based backup system is still going to be less work than a write-only push system.




A hacked server can have the backup server pull false backups as well.

Of course, your servers shouldn't be SSHing to your backup servers, but that goes both ways.


If the backup machine is compromised the attacker can corrupt your backups. Either way, if machine is hacked you risk loss.


That's ridiculous. The same tricks can be played on a pull based system once you have compromised the DB server.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: