On Thu, Jul 17, 2025 at 7:13 AM otto.cooper <otto.coo...@proton.me> wrote:
> Suppose you are legally bound by the following local policy: > > 1. /archive is subject to daily backups; > 2. all exported folders must be /archive subfolders; > 3. not all subfolders of /archive can be exported; > 4. each exported folder has limited visibility (e.g. LAN group A can only > access /archive/A, LAN group B can only access /archive/B) > > If you write an export folder outside /archive, you go to jail because of > policy #2. > > If you use --alldirs, you go to jail because of policy #3 and #4. > > What do you do? > Don't use --alldirs. If each exported folder has limited visibility anyway, there is no reason you would even want someone to have access to all folders, which is what --alldirs would do. You pose the question as if your choices are to use --alldirs and violate policies #3 and #4, or not use --alldirs and violate policy #2. But policy #2 has nothing to do with -alldirs. All policy #2 says is you can't export things outside of /archive, such as /root, or /usr/local, or /home/jdoe. -ken
