首頁 探索 說明
登入
mirrors
/
borg
镜像来自 https://github.com/borgbackup/borg
2
0
複刻 0
檔案 問題管理 0 Wiki
瀏覽代碼

[DOCS] #4883 – Borg documentation downplays severity of Nonce reuse issue

Shorten the log info for deleting/keeping security info. Fix bad wording.
Thalian 5 年之前
父節點
41ecd1ae30
當前提交
1d9dadd6b7
共有 2 個文件被更改,包括 6 次插入8 次删除
統一視圖 顯示文件統計
  1. 4 3
      docs/faq.rst
  2. 2 5
      src/borg/archiver.py

+ 4 - 3
docs/faq.rst
查看文件 

@@ -202,9 +202,10 @@ the working repository to the same location:
 
 A plain delete command would remove the security info in
 
 A plain delete command would remove the security info in
 
 ``~/.config/borg/security``, including the nonce value. In BorgBackup
 
 ``~/.config/borg/security``, including the nonce value. In BorgBackup
 
 :ref:`security_encryption` is AES-CTR, where the nonce is a counter. When the
 
 :ref:`security_encryption` is AES-CTR, where the nonce is a counter. When the
 
-working repo was used later for creating new archives, Borg would initialize a
 
-fresh nonce, which would be bad for security reasons. To prevent this, the
 
-``keep-security-info`` option is applied so that the nonce counter is kept.
 
+working repo was used later for creating new archives, Borg would re-use nonce
 
+values due to starting from a lower counter value given by the older copy of the
 
+repository. To prevent this, the ``keep-security-info`` option is applied so
 
+that the client-side nonce counter is kept.
 
 
 
 Can Borg add redundancy to the backup data to deal with hardware malfunction?
 
 Can Borg add redundancy to the backup data to deal with hardware malfunction?
 
 -----------------------------------------------------------------------------
 
 -----------------------------------------------------------------------------

+ 2 - 5
src/borg/archiver.py
查看文件 

@@ -1212,10 +1212,7 @@ class Archiver:
 
                     SecurityManager.destroy(repository)
 
                     SecurityManager.destroy(repository)
 
             else:
 
             else:
 
                 logger.info("Would delete repository.")
 
                 logger.info("Would delete repository.")
 
-                if keep_security_info:
 
-                    logger.info("Would keep security info.")
 
-                else:
 
-                    logger.info("Would delete security info.")
 
+                logger.info("Would %s security info." % ("keep" if keep_security_info else "delete"))
 
         if not dry_run:
 
         if not dry_run:
 
             Cache.destroy(repository)
 
             Cache.destroy(repository)
 
             logger.info("Cache deleted.")
 
             logger.info("Cache deleted.")
 
@@ -3359,7 +3356,7 @@ class Archiver:
 
         you run ``borg compact``.
 
         you run ``borg compact``.
 
 
 
         When you delete a complete repository, the security info and local cache for it
 
         When you delete a complete repository, the security info and local cache for it
 
-        (if any) is also deleted. Alternatively, you can delete just the local cache
 
+        (if any) are also deleted. Alternatively, you can delete just the local cache
 
         with the ``--cache-only`` option, or keep the security info with the
 
         with the ``--cache-only`` option, or keep the security info with the
 
         ``--keep-security-info`` option.
 
         ``--keep-security-info`` option.