Back In Time

Why are the permissions so broad on backintime folder?

Asked by Olivier Bilodeau

Using backintime in SSH mode with full rsync option. Don't really understand what full rsync changes but I was convinced to click because it said it was going to be faster (and destination file system can handle it).

On first backup when the folder got created it was created with world-writeable permissions. That is unnecessarily broad and insecure. Is it really necessary?

$ ls -l backups/
drwxrwxrwx+ 3 <user> <group> 4096 Mar 24 10:26 backintime

$ ls -l backups/backintime/
drwxrwxrwx+ 3 <user> <group> 4096 Mar 24 10:26 <machine>

Only when I reach username that it is no longer world-writable:

$ ls -l backups/backintime/<machine>/
total 4
drwxr-xr-x+ 3 <user> <group> 4096 Mar 24 11:23 <username>

Of course I can seal my backups/ folder with:

    chmod go-rwx backups/

but saner defaults could be provided. If one would use BIP in an enterprise setting with all machines going to something like /var/backups/<machine>/ this means that any one could nuke each other's backups.

Thanks! (And thanks for BIP!)

edit: forgot to strip some of the identifying info

Question information

Language:
English Edit question
Status:
Answered
For:
Back In Time Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Germar (germar) said : 		#1

Hi Olivier,

regarding 'full rsync mode' please take a look at my answer #1 in https://answers.launchpad.net/backintime/+question/235685

Permissions have been discussed in bug #673873 with no solution. I'm also not happy about this but doesn't see any way to fix this neither.

Regards,
Germar

Can you help with this problem?

Provide an answer of your own, or ask Olivier Bilodeau for more information if necessary.

To post a message you must log in.