Backup all files in home directories, not just the ones with the right ownership
I have a hosting account reporting in WHM as being 15Gb in size. Reason: stored OUTSIDE of public_html, but INSIDE the home folder of that account were a number of large video files that the public site depends on.
But I just realised that the backup files for the entire home folder were only 200Mb each in size.
Reason: the large video files were *not* owned by the home folder account user.
My feature request is that ALL files and folders are included in backups per home folder, irrespective of the owner of those files/folders.
Of course you might want to offer up the configuration setting to exclude files/folders that aren't owned by the account holder.... but IMHO the default should be everything. Otherwise people risking getting a very nasty surprise that what they thought were full backups are actually only partial backups.
I like this idea 
cPanel, WebHost Manager and WHM are registered trademarks of cPanel, L.L.C. for providing its computer software that facilitates the management and configuration of Internet web servers.
This is not something that cPanel will be considering for inclusion, as the behavior you mention is intentional and by design. The reason for this is that of security. The process that backs up the files runs as the particular user involved, ensuring that only files that the actual user has access to can be accessed. Expanding this means the backup process, at least in that portion, is capable of accessing data beyond their intended access and being backed up as root.
This would open up all sorts of extremely scary situations where someone could specify a symlink to a file they shouldn't access and effectively can abuse the backup system to download literally any file on the system. While attempts could be made to block that abuse, the risk is always there and quite honestly not worth it.
My question to you would be how exactly are you getting non-user owned files in the user directory? This should only be possible if the administrator (root) is placing badly owned files in the user's directory. Essentially, this situation should be impossible to reproduce without some sort of human intervention or root intervention of effectively mismanaging the files of their homedir. Only files owned by the user should ever be placed inside of their homedir.
This is not something that cPanel will be considering for inclusion, as the behavior you mention is intentional and by design. The reason for this is that of security. The process that backs up the files runs as the particular user involved, ensuring that only files that the actual user has access to can be accessed. Expanding this means the backup process, at least in that portion, is capable of accessing data beyond their intended access and being backed up as root.
This would open up all sorts of extremely scary situations where someone could specify a symlink to a file they shouldn't access and effectively can abuse the backup system to download literally any file on the system. While attempts could be made to block that abuse, the risk is always there and quite honestly not worth it.
My question to you would be how exactly are you getting non-user owned files in the user directory? This should only be possible if the administrator (root) is placing badly owned files in the user's directory. Essentially, this situation should be impossible to reproduce without some sort of human intervention or root intervention of effectively mismanaging the files of their homedir. Only files owned by the user should ever be placed inside of their homedir.
This is not something that cPanel will be considering for inclusion, as the behavior you mention is intentional and by design. The reason for this is that of security. The process that backs up the files runs as the particular user involved, ensuring that only files that the actual user has access to can be accessed. Expanding this means the backup process, at least in that portion, is capable of accessing data beyond their intended access and being backed up as root.
This would open up all sorts of extremely scary situations where someone could specify a symlink to a file they shouldn't access and effectively can abuse the backup system to download literally any file on the system. While attempts could be made to block that abuse, the risk is always there and quite honestly not worth it.
My question to you would be how exactly are you getting non-user owned files in the user directory? This should only be possible if the administrator (root) is placing badly owned files in the user's directory. Essentially, this situation should be impossible to reproduce without some sort of human intervention or root intervention of effectively mismanaging the files of their homedir. Only files owned by the user should ever be placed inside of their homedir.
This is not something that cPanel will be considering for inclusion, as the behavior you mention is intentional and by design. The reason for this is that of security. The process that backs up the files runs as the particular user involved, ensuring that only files that the actual user has access to can be accessed. Expanding this means the backup process, at least in that portion, is capable of accessing data beyond their intended access and being backed up as root.
This would open up all sorts of extremely scary situations where someone could specify a symlink to a file they shouldn't access and effectively can abuse the backup system to download literally any file on the system. While attempts could be made to block that abuse, the risk is always there and quite honestly not worth it.
My question to you would be how exactly are you getting non-user owned files in the user directory? This should only be possible if the administrator (root) is placing badly owned files in the user's directory. Essentially, this situation should be impossible to reproduce without some sort of human intervention or root intervention of effectively mismanaging the files of their homedir. Only files owned by the user should ever be placed inside of their homedir.
Replies have been locked on this page!