Users in the Backup and Restore roles can view and modify any file on the system. This includes the password and other security-oriented files. Be sure that trustworthy users are placed in these roles.
The following recommendation may prove helpful as you set up your system to perform backup and restore.
For some customer environments, it is required that the device used in backing up and restoring the entire system be protected from other users. The steps below help you make certain that you set up the system backup and restore correctly.
This configuration allows only the root user and members of group backup to access the system backup device.