0

I am using s3fs to mount an S3 bucket on an Ubuntu server to store my daily backups there.

Considering security, this would allow a potential hacker to delete all my backups from the mounted bucket.

Is there a way to prohibit that? Maybe mounting the bucket for write-only but not for deleting?

Thomas Einwaller
  • An evil hacker can write zero length files over everything, also, and not delete the files. – cjc Nov 26 '12 at 10:56
  • Depending on the nature of the backups, you might be able to have some of them automatically archived to Glacier (e.g. those older than a few days). In that way, they are no longer on S3 and cannot be accessed through s3fs. The most recent ones stay on S3, older ones go to Glacier - it provides some safeguard although it is not ideal (the cost savings are also an upside). – cyberx86 Nov 26 '12 at 12:49
  • So the only real solution would be to have another system that pulls the backups from the server and puts them on S3 instead of having the server put them on S3? – Thomas Einwaller Nov 27 '12 at 07:48
  • There is another solution, although still not optimal. Set up an S3 bucket with [versioning](http://aws.amazon.com/about-aws/whats-new/2010/02/08/versioning-feature-for-amazon-s3-now-available/) and create a separate user (who isn't the 'owner') for your backups. Versions can only be deleted by the owner, so even if the data is overwritten or the file deleted, you can recover the previous version(s). The [FAQs](http://aws.amazon.com/s3/faqs/#What_is_Versioning) go into some detail about a use case similar to yours. – cyberx86 Nov 27 '12 at 15:18

1 Answer

0

You should enable S3 bucket versioning:

Versioning offers an additional level of protection by providing a means of recovery when customers accidentally overwrite or delete objects. This allows you to easily recover from unintended user actions and application failures.

I would also recommend you take a look at my project: RiFS, a userspace filesystem to mount Amazon S3 buckets. Our project is an alternative to the “s3fs” project; its main advantages compared to “s3fs” are simplicity, speed of operations and bug-free code. Currently the project is in the “beta” state, but it's been running on several heavily loaded fileservers for quite some time.

Hope it helps!

Paul
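The versioning approach from the comment and the answer above only protects the backups if the credentials stored on the backup server cannot remove old versions or switch versioning off. As an added example (not from the original posts), this Python check flags IAM policies that still allow that; the two sample policies and the bucket name `example-backup-bucket` are constructed, and evaluation is simplified to Allow/Deny on action names.

```python
import fnmatch

# S3 permissions that would let a compromised backup host destroy old versions.
DESTRUCTIVE = (
    "s3:DeleteObjectVersion",        # permanently removes a stored version
    "s3:PutBucketVersioning",        # can suspend versioning
    "s3:PutLifecycleConfiguration",  # can expire noncurrent versions
)

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _matches(statement, action):
    # IAM action patterns are case-insensitive and support * and ? wildcards.
    return any(fnmatch.fnmatchcase(action.lower(), pattern.lower())
               for pattern in _as_list(statement.get("Action", [])))

def destructive_actions_allowed(policy):
    """Return the DESTRUCTIVE actions a policy allows and does not explicitly deny.
    Simplification (assumption): Resource, Condition and NotAction are ignored."""
    statements = _as_list(policy["Statement"])
    found = []
    for action in DESTRUCTIVE:
        allowed = any(s["Effect"] == "Allow" and _matches(s, action) for s in statements)
        denied = any(s["Effect"] == "Deny" and _matches(s, action) for s in statements)
        if allowed and not denied:  # an explicit Deny always overrides an Allow
            found.append(action)
    return found

# Constructed sample: full S3 access, as often handed to an s3fs mount.
WEAK_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "s3:*",
     "Resource": ["arn:aws:s3:::example-backup-bucket",
                  "arn:aws:s3:::example-backup-bucket/*"]}]}

# Constructed sample: enough for s3fs to list, read, write and "rm". On a versioned
# bucket, s3:DeleteObject only adds a delete marker; earlier versions remain.
BACKUP_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "s3:ListBucket",
     "Resource": "arn:aws:s3:::example-backup-bucket"},
    {"Effect": "Allow", "Action": ["s3:GetObject", "s3:PutObject", "s3:DeleteObject"],
     "Resource": "arn:aws:s3:::example-backup-bucket/*"},
    {"Effect": "Deny", "Action": list(DESTRUCTIVE), "Resource": "*"}]}

if __name__ == "__main__":
    for name, policy in (("weak", WEAK_POLICY), ("backup", BACKUP_POLICY)):
        print(name, destructive_actions_allowed(policy) or "no version-destroying actions")
```

Versioning itself is switched on once, with the owner's credentials, using `aws s3api put-bucket-versioning --bucket example-backup-bucket --versioning-configuration Status=Enabled`.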