[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: limited keys (-r, -w), remote pruning



On Sat, Dec 12, 2009 at 07:14:14PM +0100, Andreas Olsson wrote:
> (...) I have cron run daily 
> backups. The same cron scripts (on the same machine) also prunes selected old 
> archives (...)
> 
> For this I use "full" tarsnap keys, which is what I would like to avoid. What 
> I instead would like is if I only needed to use limited keys, with read- and 
> write permissions, but without the delete permission. That way a potential 
> intruder at least wouldn't be able to ruin my backups.
> 
> (...) I will now have to [prune old data] from another (more trusted)
> computer. Doing that puts the cache folder on he original backup
> machine out of sync, preventing me from doing any more backups on it
> until I have rebuild its cache folders.

> cperciva: Or would it perhaps be possible to add an option to tarsnap, 
> allowing the rebuild of a cache folder without having the delete permission? 
> Merely working on the local cache folder wouldn't require anything else than a 
> read permission against the tarsnap archives, would it?

I am not a current customer, but I think an option "delete old data
after X days" would be very useful. Especially if it could be associated
with a particular key.

This would make it very easy to do the common thing. Have you avoided
adding this option so that, if a customer deletes old data, (s)he only
has his/her own cron script to blame?

		Joachim