[rdiff-backup-users] Windows: backing up files the administrator can't read

[Aneurin Price]

Hello all,

I'm hoping to use rdiff-backup to perform backups on Windows retaining
full ACLs, including for files which the administrator cannot access.
Unlike on a POSIX system in which the superuser can access any files
regardless of the permissions set, on Windows it is possible to
restrict any user from accessing a file (though they can still take
ownership and obliterate the ACLs, so this provides no real security).

Since this makes backing up a multi-user system problematic, there is
also an option to have all files treated as readable regardless of the
actual ACLS, and this is enabled by default for Administrators.
Unfortunately, it doesn't work transparently in that it requires that
the program first request backup privileges, and then pass the right
flag to NtCreateFile.

On Cygwin (as of 1.7 at least) file access is wrapped to use the
backup permission all the time, restoring some level of sanity[0].
This allows all files to be backed up using rdiff-backup in Cygwin,
but Windows ACLs aren't preserved, and Windows ACLs don't map directly
onto POSIX ACLs so it looks like this won't be possible in Cygwin. The
native build of rdiff-backup seems to be able to backup and restore
ACLs, but it can't access quite a lot of my users' files, even when
run as the SYSTEM user.

Has anyone come across this issue before, and found a solution?
Alternatively, is there something I'm missing? If, as it seems, this
feature isn't present, is it something that could be added to
rdiff-backup itself (even via an ugly hack - I'm not picky :P) or
would it require a custom Python build? I've had a quick look at the
code but it's fairly overwhelming at first glance, and I'm not sure at
what level the actual file opening is even done.

Thanks for your time,
Nye

[0] http://cygwin.com/ml/cygwin/2008-03/msg00663.html