Areca Backup [LSARC/2008/681 Self Review]
Mark A. Carlson
Mark.Carlson at sun.com
Wed Nov 5 04:21:46 PST 2008
Darren,
This case is to provide familiarity to Linux users coming to OpenSolaris
and wanting to have the utilities here that they have in Linux. Once they
are comfortable and discover some of the superior tools that OpenSolaris
has that might be more appropriate, they will convert to those.
But if they need to learn all new tools when they first get here, they
will not stay.
Darren J Moffat wrote:
> Given the unsafe nature of the crypto in this project and the fact that
> it does not support ZFS ACLs or attributes I see no point in integrating
> this into OpenSolaris/Solaris.
See above. It's not a competition for only the best tool to be chosen
for OpenSolaris, but more
a matter of many tools, some good, some much better.
> It would in my opinion be more harmful
> to have it than not have it. It also provides a false sense of security
> due to the weak way that the passphrases are turned into encryption keys
> (ie there is no salting so no protection against brute force key attack).
>
> For personal backups it would be safer to use tar and if encryption is
> needed then the encrypt(1) and mac(1) commands can be used for to
> provide safer (than what this case provides) encrypted versions of the
> tar files using a documented and committed format. Instead of this
> project maybe we should build a simple personal backup tool around the
> clis we already have in OpenSolaris.
>
There are better tools, but that is not a reason to reject familiarity
cases,.
-- mark
More information about the opensolaris-arc
mailing list