backups: Backups should not be available to regular users including the 'plinth' user

Backups should not be available to regular users including the 'plinth' user. Otherwise, this would become a way for adversaries to gain any secret from the system if they have compromised Plinth. Adding encryption may be a way to ensure this. This argument is also relevant for exported tarballs. Another safety measure could be for the action script to generate the list of files and directories from application list instead of being given the list.

Copied from original issue #433 (closed).