Commit 0f68de49 authored by Yuanle Song's avatar Yuanle Song

update doc on config security

parent d7720c5f
......@@ -245,6 +245,31 @@ vscode should at least always indent using space for F#.
* current :entry:
**
** 2019-11-23 when default .ssh dir is in %programdata%\mbackup\.ssh,
there is a security concern.
when admin (one user) config mbackup target and ssh-key.
other users may not want their files to be backed up to admin configured server.
In current situation, user's files will be backed up without any user confirmation.
- should I use global backup with global configuration or should mbackup always
use per user backup config?
For system files, local-list.txt and local-exclude.txt, use global configuration.
only backup current users's home dir if user have accepted to do so.
create a GUI to let user enable mbackup for current user.
implementation is easy. just add a reg key or create an empty file for current user.
So, mbackup is always global. User can choose whether they want their files to be backed up.
- is it a security issue that config file can be modified by non-admin?
non-admin can change target dir to a dir he/she has access to, then read other user's files?
mbackup process won't be able to read other user's files.
but when admin user login, and runs mbackup. the non-admin user will now be able to
read other user's files.
Security requires more thinking. Current setup is for trusted PC, such as single user PC
or family PC. It's not ready for multi-user PC, workstation or Windows server.
** 2019-11-23 add an icon for desktop shortcut.
use recognizable backup icon, with some color.
** 2019-11-18 add dockerfile to create rsync mingw64 distribution,
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment