mirror of https://github.com/borgbackup/borg.git
Add paragraph regarding cache security assumptions (#4900)
docs: tell about borg cache security precautions
This commit is contained in:
parent
fc96fc4bfd
commit
61b8234704
16
docs/faq.rst
16
docs/faq.rst
|
@ -352,6 +352,22 @@ to change them.
|
|||
Security
|
||||
########
|
||||
|
||||
.. _cache_security:
|
||||
|
||||
Do I need to take security precautions regarding the cache?
|
||||
-----------------------------------------------------------
|
||||
|
||||
The cache contains a lot of metadata information about the files in
|
||||
your repositories and it is not encrypted.
|
||||
|
||||
However, the assumption is that the cache is being stored on the very
|
||||
same system which also contains the original files which are being
|
||||
backed up. So someone with access to the cache files would also have
|
||||
access the the original files anyway.
|
||||
|
||||
If you ever need to move the cache to a different location, this can
|
||||
be achieved by using the appropriate :ref:`env_vars`.
|
||||
|
||||
How can I specify the encryption passphrase programmatically?
|
||||
-------------------------------------------------------------
|
||||
|
||||
|
|
|
@ -257,7 +257,8 @@ Directories and files:
|
|||
Default to '~/.config/borg'. This directory contains the whole config directories.
|
||||
BORG_CACHE_DIR
|
||||
Default to '~/.cache/borg'. This directory contains the local cache and might need a lot
|
||||
of space for dealing with big repositories.
|
||||
of space for dealing with big repositories. Make sure you're aware of the associated
|
||||
security aspects of the cache location: :ref:`cache_security`
|
||||
BORG_SECURITY_DIR
|
||||
Default to '~/.config/borg/security'. This directory contains information borg uses to
|
||||
track its usage of NONCES ("numbers used once" - usually in encryption context) and other
|
||||
|
|
Loading…
Reference in New Issue