X-Recipient: archive-cygwin AT delorie DOT com X-SWARE-Spam-Status: No, hits=-2.5 required=5.0 tests=AWL,BAYES_00,SPF_PASS X-Spam-Check-By: sourceware.org Message-ID: <4AD9EB0E.80601@gmail.com> Date: Sat, 17 Oct 2009 17:04:30 +0100 From: Dave Korn User-Agent: Thunderbird 2.0.0.17 (Windows/20080914) MIME-Version: 1.0 To: cygwin AT cygwin DOT com Subject: Re: How to deny directory-access for one dedicated user References: <416096c60910131027g3df5021ei9b15ab5067353ce0 AT mail DOT gmail DOT com> <4AD4D5FB DOT 4000906 AT gmail DOT com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Matthias Meyer wrote: > How to solve my goal? > The user "backup" should backup all data but not certain directories. It cannot be done. Your two requirements amount to: 1- I want the backup user to be able to access all files and directories without restriction. 2- I want the backup user to be restricted from accessing certain files and directories. As a matter of plain logic, these requirements just cannot both be satisfied simultaneously in the same universe! There is no means to give the backup user privileges to access only-some-but-not-all of the files that the ACLs say it should not have access to, because it would essentially require an entire second level of ACLs on every file in the system to keep track of which files the backup privilege gave access to and which files it did not. cheers, DaveK -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple