[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: splitting key across machines

To: tarsnap-users@tarsnap.com
Subject: Re: splitting key across machines
From: Arnt Gulbrandsen <arnt@gulbrandsen.priv.no>
Date: Wed, 7 May 2014 11:51:50 +0200
In-reply-to: <5369FE03.9060503@tarsnap.com>
References: <CAK=48n6=uNddpx2eKwwETDDM+RH5JtFW=cMWEjgvbHjfcjj3yw@mail.gmail.com> <5369FE03.9060503@tarsnap.com>

On Wednesday, May 7, 2014 11:33:55 AM CEST, Colin Percival wrote:

The syncing needs to go both ways -- deletes need to know howmany archives useeach block, so they can figure out which blocks are no longer needed

after a

delete is finished, and creates need to know which blocks exist.

In which case the original poster probably should think hard about doingthis.

Suppose a fun-loving attacker gains access to the server that makes thebackups and manipulates the cache to set all the refcounts to 1, then waitsfor the OP to sync the cache to the host that can delete. When the OPsyncs, the attacker laughs like a hollywood villain, turns off the OP's ownaccess to the server, phones the OP and says "your backups are no good anymore. Paypal me $x in ten minutes or I wreck the server, too."


tarsnap --fsck seems a suitable alternative.

Arnt

References:
- splitting key across machines
  - From: The Farmer <are.you.the.farmer@gmail.com>
- Re: splitting key across machines
  - From: Colin Percival <cperciva@tarsnap.com>

Prev by Date: Re: de-duplication detail
Next by Date: Re: de-duplication detail
Previous by thread: Re: splitting key across machines
Next by thread: de-duplication detail
Index(es):
- Date
- Thread