[TUHS] Quotas - did anyone ever use them?
Grant Taylor
gtaylor at tnetconsulting.net
Sat Jun 1 02:15:48 AEST 2019
On 5/31/19 10:06 AM, Michael Kjörling wrote:
> Let's hope said ransomware isn't smart enough to run "zfs list X -t
> snapshot" and "zfs destroy X at Y".
(Baring any local privilege escalation....) I think that ZFS would
protect (snapshots) against ransomware running as an unprivileged user
that can't run zfs / zpool commands.
> And while "zfs list" is Mostly Harmless, let's hope the sysadmin is smart
> enough to not let arbitrary users run "zfs destroy" anything important.
I have found the zfs and zpool command sufficiently easy to allow
limited access via appropriate sudoers entries.
--
Grant. . . .
unix || die
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4008 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://minnie.tuhs.org/pipermail/tuhs/attachments/20190531/591fac2e/attachment.bin>
More information about the TUHS
mailing list