BlackBerry Forums Support Community               

Closed Thread
 
LinkBack Thread Tools
Old 09-20-2008, 12:56 PM   #1 (permalink)
Talking BlackBerry Encyclopedia
 
Join Date: Jan 2008
Model: 9300
PIN: N/A
Carrier: AT&T
Posts: 254
Post Thanks: 2
Thanked 0 Times in 0 Posts
Default Backup file security properties

Please Login to Remove!

The backup file is owned and readable by the logon ID. Is there any way to change it to inherit from the parent folder?

Thanks!
Offline  
Old 09-20-2008, 01:31 PM   #2 (permalink)
BlackBerryForums.com Super Moderator
 
SteveO86's Avatar
 
Join Date: Sep 2007
Location: Florida
Model: 9650
OS: 6.0.0.280
PIN: I heard it drop!
Carrier: VZW BIS
Posts: 6,534
Post Thanks: 0
Thanked 4 Times in 1 Post
Default

Are you talking about the .ipd file when you backup your BlackBerry to your computer?
__________________
8830 -> 8330 -> 9550 -> 9650
Just think about how far BlackBerries have come from then till now... And what else is coming.

Follow me on Twitter
Offline  
Old 09-20-2008, 05:52 PM   #3 (permalink)
Crimson Tide Moderator
 
JSanders's Avatar
 
Join Date: Oct 2004
Location: North of the moss line
Model: 9xx0
OS: 7.0sumtin
PIN: t low
Carrier: Verizon
Posts: 41,907
Post Thanks: 60
Thanked 244 Times in 182 Posts
Default

Wirelessly posted (8310; Category 5)

Please explain your end use need. This sounds interesting.
Offline  
Old 09-20-2008, 07:26 PM   #4 (permalink)
Talking BlackBerry Encyclopedia
 
Join Date: Jan 2008
Model: 9300
PIN: N/A
Carrier: AT&T
Posts: 254
Post Thanks: 2
Thanked 0 Times in 0 Posts
Default

yes, .ipd

They are to be backed up by a daemon process which runs as a different user.
Offline  
Old 09-20-2008, 08:18 PM   #5 (permalink)
BlackBerryForums.com Super Moderator
 
SteveO86's Avatar
 
Join Date: Sep 2007
Location: Florida
Model: 9650
OS: 6.0.0.280
PIN: I heard it drop!
Carrier: VZW BIS
Posts: 6,534
Post Thanks: 0
Thanked 4 Times in 1 Post
Default

a deamon process, are you running a UNIX/Linux box?

The .ipd backups are just normal files one a computer there isn't anything special about them and then can be explored using programs such as ABC Amber BlackBerry converter. If you want the .ipd files more secure you may want to encrypt the files using EFS or a 3rd party encryption utility. Or depending how advanced you want to get place in a folder where only your user account has access and deny Read access to everyone else for that folder.

Please tell me if I am looking too deep into this. Or if I missing the point completely .

How are you backing up the BlackBerry via a different login ID? Maybe editing the folder permissions for that user would be the easiest way to give them access.
__________________
8830 -> 8330 -> 9550 -> 9650
Just think about how far BlackBerries have come from then till now... And what else is coming.

Follow me on Twitter

Last edited by SteveO86 : 09-20-2008 at 08:20 PM.
Offline  
Old 09-20-2008, 09:14 PM   #6 (permalink)
Talking BlackBerry Encyclopedia
 
Join Date: Jan 2008
Model: 9300
PIN: N/A
Carrier: AT&T
Posts: 254
Post Thanks: 2
Thanked 0 Times in 0 Posts
Default

It runs on Windows as a service

The backup folder is set up with proper permission and inherits from parent.

The problem is that DM creates the file and set its owner and permission, limiting access to only the current user. The backup process then would fail to access it.

Last edited by cheerful : 09-20-2008 at 09:17 PM.
Offline  
Old 09-20-2008, 09:58 PM   #7 (permalink)
BBF Spam Killer Moderator
 
daphne's Avatar
 
Join Date: May 2007
Location: on a sunny beach
Model: Z
OS: 10.2.1.12
PIN: X1ZPY34K
Carrier: VZW
Posts: 9,165
Post Thanks: 122
Thanked 146 Times in 116 Posts
Default

So why is that a problem? Are you trying to access backup files that belong to someone else.. another user? Possibly that user has their account password protected? Is this an individual person's PC, or a company owned PC?
__________________
Report spam text messages to 7726
#BlackBerry by choice #BlacBerry 10 is here!

Last edited by daphne : 09-20-2008 at 09:59 PM. Reason: typo
Offline  
Old 09-20-2008, 10:03 PM   #8 (permalink)
Talking BlackBerry Encyclopedia
 
Join Date: Jan 2008
Model: 9300
PIN: N/A
Carrier: AT&T
Posts: 254
Post Thanks: 2
Thanked 0 Times in 0 Posts
Default

The backup process runs as System. The file is accessible only to the user. It's a problem so that the backup process won't work. Why does DM want to change the permission instead of just inherit from the folder?
Offline  
Old 09-20-2008, 10:06 PM   #9 (permalink)
iPhone Convert
 
juwaack68's Avatar
 
Join Date: Oct 2005
Location: Tulip City - MI
Model: iP5
OS: 6.0.2
PIN: to beans
Carrier: I'm not
Posts: 13,875
Post Thanks: 3
Thanked 72 Times in 55 Posts
Default

Are you the person trying to do a backup of your own BB? What OS is on the computer?

This sounds.....weird. Maybe I just don't understand.
__________________
No longer a BES Admin, but it was fun while it lasted!
Offline  
Old 09-20-2008, 10:14 PM   #10 (permalink)
BBF Spam Killer Moderator
 
daphne's Avatar
 
Join Date: May 2007
Location: on a sunny beach
Model: Z
OS: 10.2.1.12
PIN: X1ZPY34K
Carrier: VZW
Posts: 9,165
Post Thanks: 122
Thanked 146 Times in 116 Posts
Default

I don't understand either. If you are the user, why is it a problem?
__________________
Report spam text messages to 7726
#BlackBerry by choice #BlacBerry 10 is here!
Offline  
Old 09-21-2008, 12:16 AM   #11 (permalink)
BBF Moderator
 
John Clark's Avatar
 
Join Date: Jun 2005
Model: Z30
OS: 10.2.1.x
PIN: s & needles
Carrier: AT&T
Posts: 34,679
Post Thanks: 4
Thanked 96 Times in 71 Posts
Default

Are you talking about a backup file made by another user login of the same computer? You need to explain a little better what you are attempting to do. It sounds like you are attempting to get a file that's not yours.
Offline  
Old 09-21-2008, 12:21 AM   #12 (permalink)
BBF Spam Killer Moderator
 
daphne's Avatar
 
Join Date: May 2007
Location: on a sunny beach
Model: Z
OS: 10.2.1.12
PIN: X1ZPY34K
Carrier: VZW
Posts: 9,165
Post Thanks: 122
Thanked 146 Times in 116 Posts
Default

Desktop Manager is not installed as a service. When DM is started, it starts three processes.

C:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe

These two run under services.exe and svchost.exe, but they are not installed as services on the PC:
C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe

Desktop Manager also can be installed under HKEY_CURRENT_USER or HKEY_LOCAL_MACHINE. That choice is given during the installation process.

If it's installed for current user, someone under a different user account is not going to be able to run it. If the user had to reinstall the Windows OS, that could create problems with ownership of files and folders.
__________________
Report spam text messages to 7726
#BlackBerry by choice #BlacBerry 10 is here!

Last edited by daphne : 09-21-2008 at 12:33 AM. Reason: typo
Offline  
Old 09-21-2008, 07:32 AM   #13 (permalink)
Crimson Tide Moderator
 
JSanders's Avatar
 
Join Date: Oct 2004
Location: North of the moss line
Model: 9xx0
OS: 7.0sumtin
PIN: t low
Carrier: Verizon
Posts: 41,907
Post Thanks: 60
Thanked 244 Times in 182 Posts
Default

Quote:
Originally Posted by JSanders View Post
Wirelessly posted (8310; Category 5)

Please explain your end use need. This sounds interesting.
I'd still like to know the answer to my question and the other moderator's questions before I delete this thread.
Offline  
Old 09-21-2008, 07:40 AM   #14 (permalink)
Grumpy Moderator
 
NJBlackBerry's Avatar
 
Join Date: Aug 2004
Location: Somewhere in the swamps of Jersey
Model: i5s
Carrier: AT&T
Posts: 27,798
Post Thanks: 33
Thanked 441 Times in 381 Posts
Default

And do NOT post (again) the same thing.
What are you trying to do here?
Offline  
Old 09-21-2008, 09:10 AM   #15 (permalink)
Talking BlackBerry Encyclopedia
 
Join Date: Jan 2008
Model: 9300
PIN: N/A
Carrier: AT&T
Posts: 254
Post Thanks: 2
Thanked 0 Times in 0 Posts
Default

I realized that the word backup is ambiguous in followup posts.

DM create those backup files (.ipd) on Windows in the folder I chose. That folder is set to have a few users to access. Typically, application creates file and set it to inherit access control list (ACL) from parent (the default behavior). However, DM changes to be accessible by only the current user.

I also have a Windows backup application running as service. Its job is to copy files and folders. It now fails b/c it runs as a different user and was unable to access the file.

The question: how can I change DM to just behave like other application to leave the backup file ACL alone?
Offline  
Old 09-21-2008, 09:13 AM   #16 (permalink)
BlackBerry God
 
penguin3107's Avatar
 
Join Date: Jan 2005
Model: iOS 5
Carrier: VZW
Posts: 11,701
Post Thanks: 1
Thanked 237 Times in 219 Posts
Default

Quote:
Originally Posted by cheerful View Post
The question: how can I change DM to just behave like other application to leave the backup file ACL alone?
You can't. That would essentially defeat the security on the .ipd file.
The whole purpose of a secure backup is so that only the user has the ability to read it/restore it. If another user could access the .ipd backup file, then you could essentially open it, and restore it to a different device. That would be a bad thing, so RIM disallows it for obvious reasons.
__________________
BCSA
BES 5.0.3 MR4 :-: Exchange 2007 SP3 RU3
http://port3101.org
Offline  
Old 09-21-2008, 09:51 AM   #17 (permalink)
Talking BlackBerry Encyclopedia
 
Join Date: Jan 2008
Model: 9300
PIN: N/A
Carrier: AT&T
Posts: 254
Post Thanks: 2
Thanked 0 Times in 0 Posts
Default

I don't think it's a good design. If user choose to store it outside Doc&Set\user, then it's his choice. At least it should allow SYSTEM to access it.
Offline  
Old 09-21-2008, 10:39 AM   #18 (permalink)
BlackBerry God
 
penguin3107's Avatar
 
Join Date: Jan 2005
Model: iOS 5
Carrier: VZW
Posts: 11,701
Post Thanks: 1
Thanked 237 Times in 219 Posts
Default

Quote:
Originally Posted by cheerful View Post
I don't think it's a good design.
Then you don't know very much about good security practices.
Whatever your opinions are... that doesn't change the fact that you can't do what you want.
It is what it is.
__________________
BCSA
BES 5.0.3 MR4 :-: Exchange 2007 SP3 RU3
http://port3101.org
Offline  
Old 09-21-2008, 10:46 AM   #19 (permalink)
Talking BlackBerry Encyclopedia
 
Join Date: Jan 2008
Model: 9300
PIN: N/A
Carrier: AT&T
Posts: 254
Post Thanks: 2
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by penguin3107 View Post
Then you don't know very much about good security practices.
You do? Give me a break.
Offline  
Old 09-21-2008, 10:57 AM   #20 (permalink)
Grumpy Moderator
 
NJBlackBerry's Avatar
 
Join Date: Aug 2004
Location: Somewhere in the swamps of Jersey
Model: i5s
Carrier: AT&T
Posts: 27,798
Post Thanks: 33
Thanked 441 Times in 381 Posts
Default

Enough.
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On





Copyright 2004-2014 BlackBerryForums.com.
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.