
In the case of a simple web-server with a MySQL database, the script has to dump the database, copy the web-server files and tar everything together. Then a NAS server rsyncs the tar file via an "ssh-copy-id" done to a user "backup" that can only access its own home folder where the backups are stored.

I know a few things, like storing the credentials in an env file and limiting access to the script and the env file, but I have some doubts too:

1- Is it better for root to access and execute the script and env file and then give the tar file to the backup user, or to let the backup user execute the script?

2- Is the Rsync via ssh key to a limited backup user the best way to export the backup file or is there a better way (in terms of security)?

  • What type of attacks are you concerned about? – Mircea Vutcovici Apr 11 '23 at 09:00
  • Mainly lateral movement, privilege escalation and database credentials leaking, but there may be other dangers that I'm not aware of. – Danilo Steps Apr 11 '23 at 12:05
  • Do you trust the NAS machine? Do you want to limit what the NAS can do to the web server? Sorry, it's not clear to me. – Mircea Vutcovici Apr 11 '23 at 21:54
  • I was questioning some methods I use to back up some servers, one being whether it's right to let root execute the script that creates the backups, the other whether this way of rsyncing the file is fine too, or if there is another way. But I've been studying it recently and it looks like it's fine. – Danilo Steps Apr 13 '23 at 12:20
  • Also, I would like to know if there is some bad practice in these methods I'm using, because I don't see myself as very experienced in this matter yet. – Danilo Steps Apr 13 '23 at 12:23

1 Answer


You could run the rsync from the NAS machine. The NAS will connect over ssh to the web server and run the rsync. In this way your web server has no access to the NAS.

Mircea Vutcovici
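The pull setup this answer describes, sketched as an added example that is not part of the original answer: the web server stores only the NAS's public key, restricted in `authorized_keys` so that a stolen NAS key can do nothing but read the backup directory, and a small audit function flags lines that lack those limits. The NAS address, directory, host name, account name `backuppull`, the `rrsync` path and the key material are assumptions or constructed values.

```shell
#!/bin/sh
# Added example (not from the page). Assumed values: NAS address 192.0.2.10,
# backup dir /var/backups/web, rrsync at /usr/bin/rrsync, constructed key text.

# Build the authorized_keys line for the pull account on the web server.
#   restrict  -> no pty, no port/agent/X11 forwarding
#   from=     -> key accepted only from the NAS address
#   command=  -> every login forced into read-only rsync confined to one dir
restricted_key_line() {   # $1=NAS address  $2=backup dir  $3=public key
    printf 'restrict,from="%s",command="/usr/bin/rrsync -ro %s" %s\n' "$1" "$2" "$3"
}

# Audit one authorized_keys line; return 0 only if all three limits are set.
# Simplification: recognises ssh-* key types (ssh-ed25519, ssh-rsa) only.
audit_key_line() {
    case "$1" in ''|\#*) return 0 ;; esac      # blank lines and comments pass
    case "$1" in
        ssh-*) opts='' ;;                      # line starts with the key: no options
        *)     opts=${1%% ssh-*} ;;            # options = text before the key type
    esac
    for want in 'restrict' 'from="' 'command="'; do
        case "$opts" in
            *"$want"*) ;;
            *) echo "missing $want in: $1" >&2; return 1 ;;
        esac
    done
    return 0
}

# Run on the NAS: pull the tar file; the path is relative to the rrsync dir.
# (Hypothetical host web.example.internal and file name site-backup.tar.gz.)
pull_backup() {           # $1=private key on the NAS  $2=local destination dir
    rsync -a -e "ssh -i $1" \
        "backuppull@web.example.internal:site-backup.tar.gz" "$2"
}

# Stand-alone demo with a constructed (non-functional) public key.
SAMPLE_KEY='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICONSTRUCTEDSAMPLEKEY nas-pull'
restricted_key_line 192.0.2.10 /var/backups/web "$SAMPLE_KEY"
```

In this layout the dump script can still run as root on the web server and write the tar file into the backup directory; the pull account only needs read access to that directory.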