Bug #10145

Investigate issues related to permissions for backup system

Added by sajolida about 4 years ago. Updated about 3 years ago.

Status: Resolved
Priority: Normal
Assignee: -
Category: -
Target version: -
Start date: 09/01/2015
Due date:
% Done: 0%
Feature Branch:
Type of work: Research
Blueprint:
Starter:
Affected tool:

Description

In the process of designing a backup system for the persistent volume we should take into account that all files are not owned by the "amnesia" user. This might lead to security vs UX trade-offs:

  • Do we want the backup tool to run as "root" or as "amnesia"?
  • Does this have impact on the UX?
  • Does this prevent us from using certain tools that have a good integration in the desktop?
  • Is it reasonable not to back up files owned as "root"? For example, losing the data of the APT features might be considered as ok but maybe not others. Is it ok to lose the NM data? Current folders owned by root in persistence:
    • apt
    • cups-configuration
    • nm-system-connections
  • Is it reasonable to grant at least read permissions to "amnesia" on some files owned by "root"? How would restoring these files work then?

Related issues

Related to Tails - Bug #9888: Test deja-dup to do backups Resolved 08/03/2015
Blocks Tails - Feature #9889: Decide a backup solution among possible candidates Rejected 08/03/2015

History

#1 Updated by sajolida about 4 years ago

  • Related to Bug #9888: Test deja-dup to do backups added

#2 Updated by sajolida about 4 years ago

  • Description updated (diff)

#3 Updated by sajolida about 4 years ago

  • Target version set to 2016

#4 Updated by sajolida almost 4 years ago

  • Description updated (diff)

#5 Updated by sajolida over 3 years ago

  • Blocks Feature #9889: Decide a backup solution among possible candidates added

#6 Updated by intrigeri about 3 years ago

  • Target version changed from 2016 to 2017

#7 Updated by intrigeri about 3 years ago

  • Target version deleted (2017)

#8 Updated by sajolida about 3 years ago

  • Status changed from Confirmed to Resolved
  • Assignee deleted (sajolida)

From the recent discussion we had about this, it seems like backing up only files owned by amnesia would work for an extremely simple setup (backing up ~/Persistent only) but would quickly be too limiting (for example thinking about keys of onion services from Tails Server).

We also thought that a good UX could be to ask for an administrative password only when hitting files that cannot be copied by the amnesia user.

deja-dup doesn't know how to do this but elouann said that grsync is doing something like this already.

Marking this research as resolved now.
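
The "ask for an administrative password only when hitting files that cannot be copied by the amnesia user" idea from the last comment can be planned before any copying starts. The sketch below is an added example, not code from Tails, deja-dup or grsync: it walks a tree and separates what the unprivileged user can copy itself from what needs elevation. The function names, the sample tree and its file modes are assumptions; only the folder names come from the issue.

```python
import os
import stat
import tempfile

def can_read(st, uid, gids):
    """Mode-bit read check for uid/gids (simplification: ignores ACLs)."""
    if uid == 0:
        return True
    shift = 6 if st.st_uid == uid else 3 if st.st_gid in gids else 0
    need = 0o5 if stat.S_ISDIR(st.st_mode) else 0o4  # dirs need r+x to traverse
    return ((st.st_mode >> shift) & need) == need

def plan_backup(root, uid, gids):
    """Return (direct, elevated): relative paths uid can copy itself, and
    paths (pruned at the first unreadable entry) that need root to copy."""
    direct, elevated = [], []
    stack = [root]
    while stack:
        path = stack.pop()
        st = os.lstat(path)  # lstat: never follow symlinks out of the tree
        rel = os.path.relpath(path, root)
        if not can_read(st, uid, gids):
            elevated.append(rel)
            continue
        direct.append(rel)
        if stat.S_ISDIR(st.st_mode):
            stack.extend(os.path.join(path, n) for n in os.listdir(path))
    return sorted(direct), sorted(elevated)

def build_sample_tree():
    """Constructed sample: folder names from the issue, modes are assumptions."""
    root = tempfile.mkdtemp()
    os.chmod(root, 0o755)
    layout = {"Persistent": (0o755, "notes.txt", 0o644),
              "apt": (0o755, "sources.list", 0o644),
              "nm-system-connections": (0o700, "wifi", 0o600)}
    for name, (dmode, fname, fmode) in layout.items():
        d = os.path.join(root, name)
        os.mkdir(d)
        with open(os.path.join(d, fname), "w") as fh:
            fh.write("constructed\n")
        os.chmod(os.path.join(d, fname), fmode)
        os.chmod(d, dmode)
    return root

if __name__ == "__main__":
    root = build_sample_tree()
    other = os.lstat(root).st_uid + 1  # stands in for "amnesia": not the owner
    direct, elevated = plan_backup(root, other, gids=set())
    print("copy as user:", direct)
    print("ask for admin password before copying:", elevated)
```

An empty `elevated` list means the backup can run without any password prompt; restoring the elevated paths needs the same privilege so that ownership and modes can be put back.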
