Backup tool?

[John]

Daniel Robitaille wrote:
>>Is there a good backup tool to use under Ubuntu? Preferably something
>>graphical and intuitive! I've taken a look at the BackupPC homepage -
>>a very impressive looking system, but perhaps a little
>>industrial-strenght for what I need. I just need something that can
>>compress a subset of my files on a regular basis and put that on a
>>Samba share. Any suggestions?
>>
> 
> 
> personally I uses Mondo (available in universe).  But it's not graphical...
> 

I took a look at Mondo a couple of years ago when I was looking fora 
general purpose backup tool.

Its specs are terrific, and I like the fact it uses afio (also a greate 
little archiver).

However, the code back then was full of security holes, it regularly 
uses the system() function without checking the input.

If there's a way to cause it to run sume arbitrary command (and you'd 
better believe there is), then it's possible to get it to run commands 
such as

rm -rf .
dd if=/dev/zero of/=dev/hda

Of course there are worse things it might do than these in the modern 
world of netbots and such.


Worse, the authors didn't seem interested in learning that the code was 
bad or how to improve it. Instead, the claim was "It's a disaster 
recovery tool."

Not on my systems. What if it's called on to operate on a file with the name
important.;rm -rf .


It may be much improved by now, I lost all interest in it back then.

I recommend that if you are interested in this package and can read C, 
check the source. If you can't read C, take a look   at alternatives.

It's a shme really, because I really like the fact that one could create 
CD (or other) images that fill a CD.


Oh, this wasn't the only problem. I discovered and demonstrated a way to 
cause a SEGV. The author's response, "Don't do that."