Controlling Leopard user permissions with launchd-user.conf

INTRODUCTION:
For the uninitiated OS X file permissions are still being developed and documented. In the meantime some default permissions are not prudently set, eg new items created by users grant read access to 'everyone'.
There is growing interest in the use of a launchd-user.conf file to control the default permissions for all users without endangering system performance in the way which launchd.conf can do. This is documented by Apple for OS X Server at http://support.apple.com/kb/HT2202 although it also works for my non-server Leopard installations.
PROCEDURE:
The following Finder based procedure is adequate:
1 - Create a new text file containing:
umask 077
2 - Set its permissions to:
user (Me) - Read and Write
everyone - Read only
3 - Name the file:
launchd-user.conf
4 - Use the Finder's 'Go to Folder' command to open:
/etc
5 - Put the new file in the 'etc' folder - you will be asked to authenticate this step.
6 - Restart.
7 - Test for at least two users. All new items created by Users should now have the following permissions:
user (Me) - Read and Write
everyone - No Access
8 - If you want to undo the above you only have to remove launchd-user.conf from /etc and restart.
DIFFICULTIES:
The common reasons for the above not working first time are:
A - Incorrect file name - at least one site got it wrong
B - Use of Log Out - Restart is necessary for this
C - Incorrect permissions for launchd-user.conf - 2 above works and so does replacing 'everyone' with 'staff' although this can be slightly more tedious in the Finder.
WARNINGS:
The few users who use Root access will find that this fails to alter anything for them, ie new items created by Root will still have the original default of: 'everyone - Read only'.
I anticipate that this procedure will stop 'Public' and 'Sites' folders from functioning as intended so if any user requires these you may need a more elaborate approach.
GOING FURTHER:
I have also asserted equivalent permissions by selecting 'Apply to enclosed items' for each user folder. This is irreversible and you are strongly advised to backup before attempting it particularly as any pitfalls may not be evident for a while. I have not, so far, experienced the difficulties described at http://discussions.apple.com/thread.jspa?threadID=1788541 but you are advised to read it.
QUESTIONS:
X - Is there a satisfactory way of doing the same for Root users?
Y - Is there a simple way to reinstate satisfactory defaults for 'Public' and 'Sites' folders?
Z - Since I started playing with OS X about two years ago I have often thought that I would prefer all permissions to be controlled solely by the directory address of folders. Can this be done with Leopard and if so how?
RELATED LINKS:
At the time of writing there were only 12 related links at:
http://www.google.co.uk/search?num=100&newwindow=1&q=%22launchd-user.conf%22&lr= lang_en

François L wrote:
Neville Hillyer wrote:
Y - Is there a simple way to reinstate satisfactory defaults for 'Public' and 'Sites' folders?
On http://www.apple.com/support/security/guides/?aosid=p204&siteid=982861&program_i d=2701&cid=OAS-EMEA-AFF&tduid=04ef3a9b9d2b80c382ed275fbba9df74,
you can get the +Mac OS X Security Configuration Guide (2nd Ed)+,
and page 135, you can read :
"To change the global umask file permission:
1 Sign in as a user who can use sudo.
2 Open Terminal.
3 Change the umask setting:
$ sudo echo “umask 027” >> /etc/launchd.conf
This example sets the global umask setting to 027.
changing umask by modifying /etc/launchd.conf is a very bad idea IMO and should be avoided. that security guide is outdated. 10.5.3 introduced the ability to change umask for users only by modifying /etc/launchd-user.conf as mentioned by the original poster and in the KB article that he cites. Changing umask by modifying /etc/launchd.conf changes it for absolutely everything including all system files and operations. this would pose a huge security risk if one chooses a more permissive umask than the default one and potentially make the system unusable if the umask is set to be too restrictive. apparently 027 umask mentioned in that article is safe to use but I wouldn't want to test the limits.

Similar Messages

  • Setting global umask via NSUmask or /etc/launchd.conf and /etc/launchd-user.conf broken?

    The procedure to change the default global umask from 0022 to 0002, so that most files created by one user on a machine will be read-write by other users in the same group, seems to have been broken or to have been changed in OS X Lion from OS X Snow Leopard.  What worked as far back as OS X 10.4 and was officially documented was done from Terminal: "defaults write /Library/Preferences/.GlobalPreferences NSUmask 2" (with a sudo, if not logged in as 'root').
    Another way documented in various places and which I actually used through OS X 10.6 was also done via Terminal. Two files were created: /etc/launchd.conf (for system-wide global umask) or /etc/launchd-user.conf (for user-specific global umask).  The contents of each were simply the single umask command, "umask 002" or ("umask u=rwx,g=rwx,o=rx", I can't remember which variant I used - they're functionally the same, though).
    No matter which method I use, the 2nd or the 1st, the global umask no longer changes.
    Does anyone know whether this has been deliberately hobbled under OS X Lion, requiring purchase of OS X Lion Server?  Is this an OS X Lion bug?  Or, am I looking at something wrong?

    See this support article, which was written for OS X Server, but seems applicable to  Mac OS X client versions as well:
    Mac OS X Server v10.5, 10.6: Setting a custom umask
    The excerpt below describes the use of /etc/launchd-user.conf, and strongly cautions against using /etc/launchd.conf.
    Umask for user applications
    In Mac OS X v10.5.3 and later, you can create the file /etc/launchd-user.conf with the contents "umask nnn". Do not include the quotation marks and replace nnn with the desired umask value, such as 027 or 002.
    This will set the user's umask for all applications they launch, such as Finder, TextEdit, or Final Cut Pro, and control the permissions set on new files created by any of these applications.
    Umask for system processes
    In Mac OS X v10.4 and later, create the file /etc/launchd.conf with the contents "umask nnn". Do not include the quotation marks and replace nnn with the desired umask value, such as 027 or 002.
    This will set the umask for all processes. Changing this value is strongly discouraged because it changes the permissions on files used by the system software. If the permissions are too restrictive, dependent software may not work. If the permissions are too open, they may introduce security issues.

  • /etc/launchd-user.conf and launchd.conf no longer work in Yosemite 10.10.2

    As the subject says. According to this: https://support.apple.com/en-us/HT201684, they should. However according to the man page for launchd.conf. "launchd.conf is no longer respected by the system."  Setting "umask 077" in /etc/launchd-user.conf should be forcing the default file creation permissions to 600, and folder creation to 700, but it is not doing anything.
    I've tried this on a fresh install of 10.10.2. doing a "touch 1" creates a file named 1 with the perms -rw-r--r--. On a Mavericks install it creates a file named 1 with the perms -rw------- as expected.

    Send Apple feedback. They won't answer, but at least will know there is a problem. If enough people send feedback, it may get the problem solved sooner.
    Feedback

  • JPEGS wreaking havoc with Leopard users

    I have had serious problems in sending an email with a JPEG attachment to recipients who are running the Leopard OS. The email will basically make the recipient's Apple mail program, and sometimes the whole operating system, choke. One recipient had such a bad time he had to reinstall his entire OS in order to get up and running again. NOTE: The JPEG in question is a small file (176k), and had no problems being received by people running Apple OS 10.4 or earlier, nor any problems for those with PC/Windows platform.
    As a workaround, I tried sending the image embedded as part of an HTML formatted email, but Leopard users (and again ONLY Leopard users -- all other recipients had no problems) received the properly formatted text, but the image (from the same original jpeg previously sent as an attachment) did not display. Ironically and interestingly, when Leopard users clicked on a link from the HTML formatted email, when viewing that URL in Safari they could STILL not see the same image on the web, viewing instead an empty box where the image should have been. When they went to the same URL in Firefox, the image displayed correctly. For anyone interested, the web page that will not display correctly for those using the Safari/Leopard combination is here:
    http://www.lernerphoto.com/content.html?page=5
    Clearly there is some kind of problem with the JPEG and the Leopard OS/Apple Safari. No one else has any kind of trouble like this. Anyone have any idea what the bug is, and when/how it might be fixed?
    Many thanks for any feedback.
    Paula Lerner
    [email protected]
    www.lernerphoto.com

    Yes, it is a new twist on the problem discussed for several pages here:
    http://discussions.apple.com/thread.jspa?messageID=5660769
    I used Firefox to grab your jpeg, the used HexEdit to open it. Sure enough, at the top was the exif information, including this:
    Shahla and one of her daughters stand in their courtyard to remove their shoes before entering their mud-walled house. Many Kandahari women rarely leave home and live most of their lives within the confines of their compound walls. (Photo by © Paula Lerner)
    --I had to remove some unrecognized characters to get the above to display correctly here
    Once I deleted the exif data in HexEdit and resaved the file it opened fine in Safari and Preview.
    Francine
    Francine
    Schwieder

  • Sharing a Calendar from Mountain Lion server with Snow Leopard users on local network

    Hello.
    I have a new Mac Mini Server running Mountain Lion Server and I want to create a shared calender for a mix of Lion, Mountain Lion and Snow Leopard users on our local network. Does anyone have any info on how to do this? I have tried using the Server App and Calender Help within the applications, but the content isn't available. I have managed to create a Shared Calender  from the Mini's Calendar App where I've  added users and I can see a 'wireless' transmit icon to the right of the Calendar name - but I cant get any of the users' iCal or Calendar apps to recognise the Calendar on the local network. I've also created a Location in the Server App under Calendar and still can't see anything on the local network. Am I missing something really obvious?
    Thanks in advance!

    Sorry, I hadn't explained everything fully. I don't want to open up my VPN to friends and family. I do have the router assigning the NAS a fixed IP, so that when I connect over the VPN I can use the local IP address to connect, as you have mentioned.
    What I would like is for my friends or family to connect to my server over AFP or SMB using the public IP of my network, which my router then forwards onto my server, and display the available sharepoints configured using Mountain Lion server. However, the NAS drive is not an available option this way as it has a separate IP to the server.
    As the NAS alllows guest access, I also don't want to configure the router to forward a specific port to it, as this way it will be open to the internet. I wanted to try and use my server as an authentication point, with profiles set using Mountain Lion server, and limited to file sharing services only.
    Hope this makes sense.

  • HT1338 Lack of Support for Leopard users

    Has Apple abandoned all Leopard users? I cannot get updated plug-ins for Safari and Firefox, therefore cannot access some internet sites. Seems Apple wants us to purchase Intel-based computers or be relegated to the trash can. I'd rather shift to PCs (after over 20 years with Apple) than submit to this extortion.

    The last PowerPC Macs were made around 2005'ish (7 years ago when I got my PowerMac G5).  I would not call that so much planned obsolesence.  Rather more that PowerPC Macs ARE Obsolete!
    And if you decide to switch to Windows, you will still be buying an intel chip, so intel wins either way (well I guess you could get an AMD chip, but it is still the intel instuction set).
    Yes your PowerPC still works, and it can most likely continue to provide good service running Leopard, but just as my old car did not integrate with my iPod, it did not have hands free bluetooth phone integration, it did not have heated seats, etc..., your old PowerPC Mac is not going to support all the new computer tech features.  Eventually you will need to replace it, and when you do, you get the current set of features from whatever Computer/OS vendor you choose to buy.

  • Snow Leopard users: Turn off automatic date and time in System Preferences immediately

    http://arstechnica.com/apple/2014/12/apple-automatically-patches-macs-to-fix-sev ere-ntp-security-flaw/
    When exploited, the NTP flaw can cause buffer overflows that allow remote attackers to execute code on your system.
    What this means is that, if you allow date and time to be set automatically by outside servers, you risk having your computer taken over.
    This is a critical issue, it's being exploited as we speak, and Apple has not provided the update to Snow Leopard users, only to 10.8/Mountain Lion and above. I strongly doubt Apple will ever get around to issuing an update for Snow Leopard, or they would have already. Chances of that happening are close to zero

    To me 10.6.8 is still the best OS X Apple ever released and I patched my system just like the shellshock back in September. It's really easy if you have some basic shell skills and XCODE installed,
    Here is what I did, it may save you some time:
    open the terminal app
    1) Download the source code, apply the patch (I got the source code links from the ntp site)
    cd ~
    mkdir ntpd-fix
    cd ntpd-fix
    curl http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-4.2.8.tar.gz | tar zxf -
    2) Patch and compile the ntp source code
    cd ntp-4.2.8/ntpd
    curl http://bugs.ntp.org/attachment.cgi?id=1165 | patch -p1
    cd ..
    ./configure && make
    3) Open the system preferences - Date & Time - uncheck Set date and time automatically (to stop the process)
    4) Rename the old object and then replace/copy them with the new objects
    cd /usr/bin
    sudo mv sntp sntp.old
    sudo mv ntpq ntpq.old
    sudo mv ntp-keygen ntp-keygen.old
    cd /usr/sbin
    sudo mv ntpdc ntpdc.old
    sudo mv ntpdate ntpdate.old
    sudo mv ntpd ntpd.old
    cd ~/ntpd-fix/ntp-4.2.8
    sudo cp sntp/sntp /usr/bin
    sudo cp util/ntp-keygen /usr/bin
    sudo cp ntpq/ntpq /usr/bin
    sudo cp ntpdc/ntpdc /usr/sbin
    sudo cp ntpdate/ntpdate /usr/sbin
    sudo cp ntpd/ntpd /usr/sbin
    sudo chown root:wheel /usr/bin/sntp
    sudo chown root:wheel /usr/bin/ntp-keygen
    sudo chown root:wheel /usr/bin/ntpq
    sudo chown root:wheel /usr/sbin/ntpdc
    sudo chown root:wheel /usr/sbin/ntpdate
    sudo chown root:wheel /usr/sbin/ntpd
    5) Open the system preferences - Date & Time - uncheck Set date and time automatically (to start the process)
    6) Done.
    -- update time manually
    sudo ntpdate -u time.apple.com
    -- check ntpd version (should now be: ntpd [email protected])
    sudo ntpd --version

  • Safari can't establish secure connection in parental controls managed user account

    Hi,
    Safari can't establish any secure connection in parental controls managed user account. Normal web sites open OK, but secure connections, like Gmail which requires https doesn't work. This is what I get instead:
    Safari can’t open the page “https://www.google.com/accounts/ServiceLogin?service=mail&passive=true&rm=false& continue=http%3A%2F%2Fmail.google.com%2Fmail%2F%3Fui%3Dhtml%26zy%3Dl&bsv=llya694 le36z&scc=1&ltmpl=default&ltmplcache=2&from=login” because Safari can’t establish a secure connection to the server “www.google.com”.
    Any ideas how to overcome this?

    Do you have anti virus software installed, or Peer Guardian?
    "https note: For websites that use SSL encryption (the URL will usually begin with https), the Internet content filter is unable to examine the encrypted content of the page. For this reason, encrypted websites must be explicitly allowed using the Always Allow list. Encrypted websites that are not on the Always Allow list will be blocked by the automatic Internet content filter."
    From here:  
    Mac OS X v10.5, 10.6: About the Parental Controls Internet content filter

  • APO Security to control the users access

    Hi,
    Is there any possibility to control the users access by controlling through selection ID's or does it possible through any of the product lines (Characteristics)?
    My requirement is I have to control all the APO DP users in various levels of Product lines and the access has to be granted at specific product level. Right now I am trying do through selection ids, but I am looking for more effective way.
    Please help me with your views.
    Thank you in advance!
    Jegan

    Hi Jegan,
                  There are so many security objects in DP that you can try out and see if they meet your requirement.
    The way I understand your issue is to restrict user by certain products or BW characteristics.
    To control by Products, try the object  C_APO_PROD with activity APO_PROD (Product Identifier). You can select specific products here for each role and restrict by either display, change, execute, delete etc.
    If you want to restrict by BI characteristics, try  object S_RS_AUTH.
    Be careful with this as you are selecting BI objects, the system restricts them even if they are remote part of your work.
    If you have to restrict by specific product levels like all product lines, I am not sure how to do it but you can certainly try searching based on keyword "PROD".
    Please let us know if you discover something useful.

  • Control center user role - hide worksets

    Dear gurus,
      The control center user role is assigned to all the users by default. Could somebody please tell me how to hide selected worksets in the role.
    I have an option to delete items that are not configured in that role, I am trying to find out a means of hiding some of the worksets and pages, so that I donot have to delete or modify SAP delivered role and be able to make those items visible when required at a later stage.
    any help is appreciated.

    There are two roles involved. One is the SAP template, and should not be changed as it can be overwritten by patches etc. The other way can be editted the same as any role. It is the one with the id pcd:portal_content/every_user/cc_user/ccur.
    In here you can remove worksets, change the sequence etc or hide its visibility in the navigation area etc.

  • Output Control at User level

    Hi ,
    I have a requirement. Is that in the Output Determination  can we control the specific ouput type for user specific.
    I,e In billing output for output type "RD00" for the print medium 1, i need to control at user level. One user should be able to generate this output & the other user should not.
    Please give me suggestion on the above. This should be only controlled through configurations but not through any Z Programs.
    Points Rewarded.
    Regards,
    Chakri M

    Dear Chakri,
    As you mentioned that one user should have access for Output but the other should not have the same.
    Please contact your basis or security team to give the access to the person  whom you want authorisation for Output and check the other user whether he is having access to Output generation, If he have authorisation ask Basis team to deactive his  authorisation.
    If you have any concern revert back the same to me
    Amjad

  • Can i control surface logic 9 with digi 002 mixer? on snow leopard 10.6.8

    Hi I'm trying to connect my digi002 mixer to use it as a control surface with logic 9, is there anyway of doing this?
    I have an RME Hammerfall DSP Multiface II, that I'm using as my main sound card, but would like to light it with the 002 and use the 002 converters as well, so that in total i get 16 channels I/O + if I could get control surface of logic with the 002 would be great.....
    I heard about the Multi-Client CoreAudio Driver, but not 100% sure if and how it works to control surface logic with 002.
    Anyone???
    Help please....
    Thx...
    G

    I assume you have working installer discs? If so here's a suggestion:
    Clean Install of Snow Leopard
    Be sure you backup your files to an external drive or second internal drive because the following procedure will remove everything from the hard drive.
         1. Boot the computer using the Snow Leopard Installer Disc.  Insert the disc into the
             optical drive and restart the computer.  After the chime press and hold down the
             "C" key.  Release the key when you see a small spinning gear appear below the
             dark gray Apple logo.
         2. After the installer loads select your language and click on the Continue
             button. When the menu bar appears select Disk Utility from the Utilities menu.
             After DU loads select the hard drive entry from the left side list (mfgr.'s ID and drive
             size.)  Click on the Partition tab in the DU main window.  Set the number of
             partitions to one (1) from the Partitions drop down menu, set the format type to Mac
             OS Extended (Journaled, if supported), then click on the Partition button.
         3. When the formatting has completed quit DU and return to the installer.  Proceed
             with the OS X installation and follow the directions included with the installer.
         4. When the installation has completed your computer will Restart into the Setup
             Assistant. Be sure you configure your initial admin account with the exact same
             username and password that you used on your old drive. After you finish Setup
             Assistant will complete the installation after which you will be running a fresh
             install of OS X.  You can now begin the update process by opening Software
             Update and installing all recommended updates to bring your installation current.

  • Ldap schema extension to control which users / group are imported

    Hello,
    would like to have your opinion:
    would it be a good idea to implement ldap schema extensions to control
    which users / group are imported and controlled from ldap in a ldap
    mastered installation?
    e.g. we could implement the following schema extension for users:
    attributetype ( 1.3.6.1.4.1.<iana-org-id>.1.1 NAME ( 'BogusisBeehiveUser' )
         DESC ''
    EQUALITY booleanMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
    SINGLE-VALUE )
    # BogusinetOrgPerson
    # The BogusinetOrgPerson is derived from inetOrgPerson
    objectclass     ( 1.3.6.1.4.1.<iana-org-id>.1
    NAME 'BogusinetOrgPerson'
         DESC 'RFC2798: Internet Organizational Person, plus Bogus Extensions'
    SUP inetOrgPerson
    STRUCTURAL
         MAY (
              BogusisBeehiveUser )
    Then we could control the inclusion in beehive by simply switching
    BogusisBeehiveUser on or off.

    sure; that's pretty much what is talked about in the Install Guide for LDAP Integration under the "inclusion and exclusion" section, about here:
    http://download.oracle.com/docs/cd/E14897_01/bh.100/e14830/ldap.htm#CHDEFFJF
    that doesn't go into the specifics of how you might want to design your objectClass schemas, though, as beehive is agnostic to that.
    If you don't want to provision all users that match a certain existing rule (like everyone under dn=foo, or everyone where userType=employee), then adding a new attribute and building the profile inclusion rule around it is a valid thing to do.
    richard

  • How to mitigate control at User levels

    Hello Friends,
    Can anyone send me step by step process documentation on how to mitigating control at user levels? I have already run the risk analysis ( Global Conflict roles analysis/risk analysis). So I do have all detail information like control ID , management approver and description,etc.
    It will be highly appreciated on any guidence on this.
    Regards,
    Suvi

    Hi,
    Please follow the below steps to mitigate user.
    1.  once you get the all details ( Mitigation control id, approver id and Monitor id), then select/click on the RAR Mitigation tab-> click on the Mitigated User option->search.
    There is one page is open and then click on ADD button at the bottom of the screen. once you click on add option it will ask the Mitigation control id, user id, Risk id etc... once filled the all required filelds and save. Now successfully applied the moitihation control to the particler user.
    Regrads,
    Arjuna.

  • Repairing Permissions With DU -Vs- MainMenu

    Hello,
    I was curios does it matter if I repair permissions with disk Utility versus repairing them with Main Menu Pro version? Also will it hurt doing system maintenance using Main Menu. I know Main Menu is 3rd party, but I think it has been around long enough to be trusted. I've used it on my iMac 2008 without issue, but don't want to take any chances with this new MBP.
    Jaco

    All maintenance applications use the same programs as Disk Utility so it wouldn't make any difference. But you can perform all the needed maintenance that the third-party software does just a few specific utilities.
    There isn't that much maintenance required. Disk Utility can repair permissions (something you should rarely if ever need to do) as well as repair the hard drive. For the rest of it you can install the freeware, Applejack - CNet Downloads or MacUpdate.
    For the occasional time when a hard drive has a problem DU cannot fix use Disk Warrior. And, to clean caches if needed use Snow Leopard Cache Cleaner.
    Also, see:
    Kappy's Personal Suggestions for OS X Maintenance
    For disk repairs use Disk Utility. For situations DU cannot handle the best third-party utilities are: Disk Warrior; DW only fixes problems with the disk directory, but most disk problems are caused by directory corruption; Disk Warrior 4.x is now Intel Mac compatible. TechTool Pro provides additional repair options including file repair and recovery, system diagnostics, and disk defragmentation. TechTool Pro 4.5.1 or higher are Intel Mac compatible; Drive Genius is similar to TechTool Pro in terms of the various repair services provided. Versions 1.5.1 or later are Intel Mac compatible.
    OS X performs certain maintenance functions that are scheduled to occur on a daily, weekly, or monthly period. The maintenance scripts run in the early AM only if the computer is turned on 24/7 (no sleep.) If this isn't the case, then an excellent solution is to download and install a shareware utility such as Macaroni, JAW PseudoAnacron, or Anacron that will automate the maintenance activity regardless of whether the computer is turned off or asleep. Dependence upon third-party utilities to run the periodic maintenance scripts had been significantly reduced in Tiger and Leopard. These utilities have limited or no functionality with Snow Leopard and should not be installed.
    OS X automatically defrags files less than 20 MBs in size, so unless you have a disk full of very large files there's little need for defragmenting the hard drive. As for virus protection there are few if any such animals affecting OS X. You can protect the computer easily using the freeware Open Source virus protection software ClamXAV. Personally I would avoid most commercial anti-virus software because of their potential for causing problems.
    I would also recommend downloading the shareware utility TinkerTool System that you can use for periodic maintenance such as removing old logfiles and archives, clearing caches, etc. Other utilities are also available such as Onyx, Leopard Cache Cleaner, CockTail, and Xupport, for example.
    For emergency repairs install the freeware utility Applejack. If you cannot start up in OS X, you may be able to start in single-user mode from which you can run Applejack to do a whole set of repair and maintenance routines from the commandline. Note that AppleJack 1.5 is required for Leopard. AppleJack 1.6 is compatible with Snow Leopard.
    When you install any new system software or updates be sure to repair the hard drive and permissions beforehand. I also recommend booting into safe mode before doing system software updates.
    Get an external Firewire drive at least equal in size to the internal hard drive and make (and maintain) a bootable clone/backup. You can make a bootable clone using the Restore option of Disk Utility. You can also make and maintain clones with good backup software. My personal recommendations are (order is not significant):
    Backuplist
    Carbon Copy Cloner
    Data Backup
    Deja Vu
    iBackup
    JaBack
    Silver Keeper
    MimMac
    Retrospect
    Super Flexible File Synchronizer
    ynchronizer
    SuperDuper!
    Synchronize Pro! X
    SyncTwoFolders
    Synk Pro
    Synk Standard
    Tri-Backup
    Visit The XLab FAQs and read the FAQs on maintenance, optimization, virus protection, and backup and restore.
    Additional suggestions will be found in Mac Maintenance Quick Assist.
    Referenced software can be found at CNet Downloads or MacUpdate.

Maybe you are looking for