Service and security

Hello everybody,
I’d like to know what are some good practices to run Duplicati securely (in case there’s a vulnerability it won’t compromise the entire machine).

If anybody runs Duplicati under a dedicated user with specific permissions please post here.

Also, is there a way to use VSS without root (administrator) permission?
I currently have some failing files because ‘partially locked by process …’.

Thanks!
A

I like your thought process… running services with a least privilege approach is a great idea. But as far as I know administrative rights are needed to create VSS snapshots.

Being an Administrator (or Backup Operator) also allows backup software to back up data regardless of NTFS permissions. Very useful feature for backup software…