31 May
2019
31 May
'19
10:15 p.m.
On 5/31/19 10:06 AM, Michael Kjörling wrote:
Let's hope said ransomware isn't smart
enough to run "zfs list X -t
snapshot" and "zfs destroy X@Y".
(Baring any local privilege escalation....) I think that ZFS would
protect (snapshots) against ransomware running as an unprivileged user
that can't run zfs / zpool commands.
And while "zfs list" is Mostly Harmless,
let's hope the sysadmin is smart
enough to not let arbitrary users run "zfs destroy" anything important.
I have found the zfs and zpool command sufficiently easy to allow
limited access via appropriate sudoers entries.
--
Grant. . . .
unix || die