首页 发现 帮助
登录
mirrors
/
borg
镜像自地址 https://github.com/borgbackup/borg
2
0
派生 0
文件 工单管理 0 Wiki
浏览代码

Merge pull request #3697 from ThomasWaldmann/backports-17

Backports 17
TW 7 年之前
父节点
d7ec959ce2 2f443cae73
当前提交
8f2d80e60b
共有 2 个文件被更改,包括 33 次插入3 次删除
合并视图 显示文件统计
  1. 17 0
      docs/internals/security.rst
  2. 16 3
      docs/usage/notes.rst

+ 17 - 0
docs/internals/security.rst
查看文件 

@@ -37,6 +37,10 @@ Under these circumstances Borg guarantees that the attacker cannot
 
 The attacker can always impose a denial of service per definition (he could
 
 The attacker can always impose a denial of service per definition (he could
 
 forbid connections to the repository, or delete it entirely).
 
 forbid connections to the repository, or delete it entirely).
 
 
 
+When the above attack model is extended to include multiple clients
 
+independently updating the same repository, then Borg fails to provide
 
+confidentiality (i.e. guarantees 3) and 4) do not apply any more).
 
+
 
 .. _security_structural_auth:
 
 .. _security_structural_auth:
 
 
 
 Structural Authentication
 
 Structural Authentication
 
@@ -369,3 +373,16 @@ while libssl implements TLS and related protocols.
 
 The latter is not used by Borg (cf. `Remote RPC protocol security`_, Borg itself does not implement
 
 The latter is not used by Borg (cf. `Remote RPC protocol security`_, Borg itself does not implement
 
 any network access) and historically contained most vulnerabilities, especially critical ones.
 
 any network access) and historically contained most vulnerabilities, especially critical ones.
 
 The static binaries released by the project contain neither libssl nor the Python ssl/_ssl modules.
 
 The static binaries released by the project contain neither libssl nor the Python ssl/_ssl modules.
 
+
 
+Compression and Encryption
 
+==========================
 
+
 
+Combining encryption with compression can be insecure in some contexts (e.g. online protocols).
 
+
 
+There was some discussion about this in `github issue #1040`_ and for Borg some developers
 
+concluded this is no problem at all, some concluded this is hard and extremely slow to exploit
 
+and thus no problem in practice.
 
+
 
+No matter what, there is always the option not to use compression if you are worried about this.
 
+
 
+.. _github issue #1040: https://github.com/borgbackup/borg/issues/1040

+ 16 - 3
docs/usage/notes.rst
查看文件 

@@ -201,15 +201,28 @@ copy just in case something goes wrong during the recovery. Since recovery is do
 
 deleting some files, a hard link copy (``cp -al``) is sufficient.
 
 deleting some files, a hard link copy (``cp -al``) is sufficient.
 
 
 
 The first step to reset the repository to transaction 5, the last uncompromised transaction,
 
 The first step to reset the repository to transaction 5, the last uncompromised transaction,
 
-is to remove the ``hints.N`` and ``index.N`` files in the repository (these two files are
 
-always expendable). In this example N is 13.
 
+is to remove the ``hints.N``, ``index.N`` and ``integrity.N``files in the repository (these
 
+files are always expendable). In this example N is 13.
 
 
 
 Then remove or move all segment files from the segment directories in ``data/`` starting
 
 Then remove or move all segment files from the segment directories in ``data/`` starting
 
 with file 6::
 
 with file 6::
 
 
 
     rm data/**/{6..13}
 
     rm data/**/{6..13}
 
 
 
-That's all to it.
 
+That's all to do in the repository.
 
+
 
+If you want to access this rollbacked repository from a client that already has
 
+a cache for this repository, the cache will reflect a newer repository state
 
+than what you actually have in the repository now, after the rollback.
 
+
 
+Thus, you need to clear the cache::
 
+
 
+    borg delete --cache-only repo
 
+
 
+The cache will get rebuilt automatically. Depending on repo size and archive
 
+count, it may take a while.
 
+
 
+You also will need to remove ~/.config/borg/security/REPOID/manifest-timestamp.
 
 
 
 Drawbacks
 
 Drawbacks
 
 +++++++++
 
 +++++++++