This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: How to deny directory-access for one dedicated user

On 10/17/2009 12:04 PM, Dave Korn wrote:
Matthias Meyer wrote:

How to solve my goal?
The user "backup" should backup all data but not certain directories.

It cannot be done. Your two requirements amount to:

1- I want the backup user to be able to access all files and directories
without restriction.
2- I want the backup user to be restricted from accessing certain files and

   As a matter of plain logic, these requirements just cannot both be satisfied
simultaneously in the same universe!  There is no means to give the backup
user privileges to access only-some-but-not-all of the files that the ACLs say
it should not have access to, because it would essentially require an entire
second level of ACLs on every file in the system to keep track of which files
the backup privilege gave access to and which files it did not.

One point that hasn't been made so far (that I could see) was that while the
backup user has access to the entire file system, it is not required that you
backup the entire file system if you don't want to. You can always exclude the
directories you don't want from your backup operation. This can be done through
exclusion lists rather than relying on access permissions. Different functionality
for sure bu it will achieve the same end.

Larry Hall                    
RFK Partners, Inc.                      (508) 893-9779 - RFK Office
216 Dalton Rd.                          (508) 893-9889 - FAX
Holliston, MA 01746


A: Yes.
> Q: Are you sure?
>> A: Because it reverses the logical flow of conversation.
>>> Q: Why is top posting annoying in email?

Problem reports:
Unsubscribe info:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]