[Borgbackup] Two Users, 1 repository
archont
archont at gmx.com
Mon Nov 25 15:00:14 EST 2019
November 25, 2019 6:54 PM, "Thomas Waldmann" <tw at waldmann-edv.de> wrote:
>> IMHO he can put the cache + config directly on the same drive as the
>> backup.
>
> no, don't do that.
Referring to these parts of BORG Doc?
== (7.1) (Each client having its own config and cache)
When the above attack model is extended to include multiple clients independently updating the same repository,then Borg fails to provide confidentiality.
==
and
== (Clients sharing the same config & cache)
Therefore in a multiple-client scenario a repository can trick a client into reusing counter values byignoring counter reservations and replaying the manifest (which will fail if the client has seen a more recent man-ifest or has a more recent nonce reservation). If the repository is untrusted, but a trusted synchronization channelexists between clients, the security database could be synchronized between them over said trusted channel. Thisis not part of Borg’s functionality.
==
More information about the Borgbackup
mailing list