Depends on how complicated your backups are. For example the client box tarball's it all up, one file to move, things are suddenly a lot different then maintaining a multi gigabyte file tree. Let's assume for a moment we're talking file trees with lots of different owners and perms, and no tarballs. Yes rsync needs to run as root on the server, to set file perms/etc, this can be somewhat mitigated by chroot'ing it (probably will be ok, but chroot can be broken out of by root, so some buffer overflow in rsync with a hostile client might be bad news). Basically any backup software will have to run as root to set file perms, setuid/setgid bits, yadayada (kernel capabilities and whatnot aside). Hopefully that software was built with this in mind and supports some nice controls (like only write/read files in /foo/backups/*). Kurt