Re: How does Local System Account bypass file permissions during a backup?
From: Pegasus \(MVP\) (I.can_at_fly.com)
Date: 11/03/04
- Next message: David H. Lipman: "Re: Virus - msconfig"
- Previous message: David H. Lipman: "Re: PKI Follow Up"
- In reply to: Tommy Gilchrist: "How does Local System Account bypass file permissions during a backup?"
- Next in thread: Tommy Gilchrist: "Re: How does Local System Account bypass file permissions during a backup?"
- Reply: Tommy Gilchrist: "Re: How does Local System Account bypass file permissions during a backup?"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 4 Nov 2004 10:13:19 +1100
"Tommy Gilchrist" <tommy@delete.gilchristcs.the.com.needful> wrote in
message news:1imio0524tuobb6i56b6amrvvlib5ce48p@4ax.com...
> Folks
>
> I wonder could you shed some light on a problem we're having.
>
> The nature of the problem is very odd in that I'm arguing with a
> backup vendor who shall remain nameless over a feature that I need,
> that any backup software should be able to do, that their software
> seems to be capable of doing but (and this is the odd bit) they claim
> their software CAN'T do!
>
> The backup agent runs under the local system account and the vendor is
> claiming that this means that all files must have "SYSTEM" granted
> read access in order to guarantee a successful backup. Given that
> there are about 100 file servers hosting millions of files in the
> enviroment and multiple people have access to change permissions this
> obviously can't be guaranteed.
>
> However I can create files, give them very restricted permissions,
> even remove all permissions and the backup program can back them up
> successfully. I've tested this on Windows NT 4.0, 2000 and 2003.
>
> What may help move the discussion forward is an understanding of how
> the local system account accesses files. I understand that members of
> the Backup Operators group and the Administrators group get the "Back
> up files and folders" permission which will permit this. However the
> SYSTEM account isn't a member of either group by default.
>
> Is the SYSTEM account the same as the Local System Account services
> run under. Does the Local System Account have these permissions
> automatically or is this not relevant at all and am I barking up the
> wrong tree?
>
> thanks
>
> tommy
The SYSTEM account has implicit access permissions to all local
files and folders (but not to networked resources). This is independent
of any NTFS permissions that you might set.
- Next message: David H. Lipman: "Re: Virus - msconfig"
- Previous message: David H. Lipman: "Re: PKI Follow Up"
- In reply to: Tommy Gilchrist: "How does Local System Account bypass file permissions during a backup?"
- Next in thread: Tommy Gilchrist: "Re: How does Local System Account bypass file permissions during a backup?"
- Reply: Tommy Gilchrist: "Re: How does Local System Account bypass file permissions during a backup?"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
