Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Offsite daily encrypted backup via Dropbox' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Offsite daily encrypted backup via Dropbox
Authored by: mmnw on Nov 23, '10 08:21:20AM
There are some things with this hint I'd like to point out, some which concern security.
This hint will only be effective as long as you are logged on. Since Dropbox will only sync with the server while you are loogged on. So, if you are on a multiuser system, the sync will undergo next time you log on, which can be pretty annoying.
Being on a multiuser system brings other caveats regarding the image password. First, you should make sure the script is readable only by you (i.e. chmod 700), or you shouldn't store the password in the script at all (see man security for how to store the password in the keychain). Second, you should not call hdiutil with -p $password, since while the command is running every other user on the computer can retrieve your password with a simple ps aux from the list of running processes. You can fix this by using the −stdinpass option of hdiutil.
Last, there's a cosmetic issue. cron has been marked as depreciated by Apple since at least 10.5 (I think 10.4). What you "should" use instead is a launchd object, either a demon or an agent (see man launchd, launchctl and launchd.plist). Working as an agent would also make sure the script is only executed while you are logged in and therefore Dropbox running.

[ Reply to This | # ]
Offsite daily encrypted backup via Dropbox
Authored by: leamanc on Nov 23, '10 12:04:30PM

I gotta second the notion that this script be moved from cron to launchd, so that you can take advantage of having the script only run at user login. There will be errors with Dropbox not up and running (syncing to its server), and I don't see much facility for error handling in the script.

EDIT: Well, now that I think about it, Dropbox won't actually produce any errors, but there is still the net result of the dmg file not getting synced. The script should somehow check to see that the file was uploaded to Dropbox; perhaps this could be done by intercepting Dropbox's Growl notification about changed files?

Edited on Nov 23, '10 12:07:02PM by leamanc


[ Reply to This | # ]