Take a windows 7 machine. Create 2 users - bob and backup, both are local admins.
Bob will use the machine and you install shadowprotect on the machine. You connect an external usb drive to back up to - F:\images.
I am afraid that if machine gets crypto malware, it may encrypt the images. People say to not give the user rights to that folder on the external drive. Shadowprotect will run as 'system'?
I logged in as bob, right click on the f:\images folder, properties, security. I took out bob as having any rights. I gave the user 'backup' full rights (so I can get to that share if needed at some point).
When logged in as bob, if you click on that f:\images folder you get the message that you don't have rights to the folder. >>>> but (and here's the issue), it asks you if you want permanant access to that folder.
Is there a way to keep bob (yes, a local admin) from getting that simple prompt to get permanent access? Yeah, as an admin, he could add himself to the permissions / take ownership, etc. I am OK with that. It's that simple 'want me to let you access the folder' question that I don't like. I envision at some point they click on that folder, say yes, and then when crypto hits, the backups are trashed.
Or is the only way to get away from that message to make bob a standard user?