mirror/borg
1
0
Fork 0
mirror of https://github.com/borgbackup/borg.git synced 2025-03-15 00:21:56 +00:00
Code Issues Releases Wiki Activity

[DOCS] #4883 – Borg documentation downplays severity of Nonce reuse issue

Browse source 
Shorten the log info for deleting/keeping security info. Fix bad wording.
This commit is contained in:
Thalian 2020-04-03 17:40:30 +02:00
parent 41ecd1ae30
commit 1d9dadd6b7
2 changed files with 6 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
docs/faq.rst
View file

@ -202,9 +202,10 @@ the working repository to the same location:
A plain delete command would remove the security info in A plain delete command would remove the security info in
``~/.config/borg/security``, including the nonce value. In BorgBackup ``~/.config/borg/security``, including the nonce value. In BorgBackup
:ref:`security_encryption` is AES-CTR, where the nonce is a counter. When the :ref:`security_encryption` is AES-CTR, where the nonce is a counter. When the
working repo was used later for creating new archives, Borg would initialize a working repo was used later for creating new archives, Borg would re-use nonce
fresh nonce, which would be bad for security reasons. To prevent this, the values due to starting from a lower counter value given by the older copy of the
``keep-security-info`` option is applied so that the nonce counter is kept. repository. To prevent this, the ``keep-security-info`` option is applied so
that the client-side nonce counter is kept.
Can Borg add redundancy to the backup data to deal with hardware malfunction? Can Borg add redundancy to the backup data to deal with hardware malfunction?
----------------------------------------------------------------------------- -----------------------------------------------------------------------------

7
src/borg/archiver.py
View file

@ -1212,10 +1212,7 @@ class Archiver:
SecurityManager.destroy(repository) SecurityManager.destroy(repository)
else: else:
logger.info("Would delete repository.") logger.info("Would delete repository.")
if keep_security_info: logger.info("Would %s security info." % ("keep" if keep_security_info else "delete"))
logger.info("Would keep security info.")
else:
logger.info("Would delete security info.")
if not dry_run: if not dry_run:
Cache.destroy(repository) Cache.destroy(repository)
logger.info("Cache deleted.") logger.info("Cache deleted.")
@ -3359,7 +3356,7 @@ class Archiver:
you run ``borg compact``. you run ``borg compact``.
When you delete a complete repository, the security info and local cache for it When you delete a complete repository, the security info and local cache for it
(if any) is also deleted. Alternatively, you can delete just the local cache (if any) are also deleted. Alternatively, you can delete just the local cache
with the ``--cache-only`` option, or keep the security info with the with the ``--cache-only`` option, or keep the security info with the
``--keep-security-info`` option. ``--keep-security-info`` option.