Libravatar (obsolete)

Encrypt database backups

Bug #1356119 reported by François Marier
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Libravatar (obsolete)
Fix Released
High
François Marier

Bug Description

The database dumps that are left on the server should be gpg-encrypted with my key.

Tags: cron security
Revision history for this message
François Marier (fmarier) wrote :

Here is the new backup script in /usr/local/sbin/libravatar_backups:

#!/bin/sh

DUMP_DIR="/var/backups/libravatar"

# Perform fresh backup
DUMP_FILE="$DUMP_DIR/`date +%Y%m%dT%H%M%S`.pg"
pg_dump -Fc libravatar > $DUMP_FILE
chmod 600 $DUMP_FILE

# Encrypt backup
gpg --recipient 007c98d1 --encrypt $DUMP_FILE
rm $DUMP_FILE

# Purge old backups
find $DUMP_DIR -ctime +7 -delete

Changed in libravatar:
status: Confirmed → Fix Released
information type: Private Security → Public Security
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.