mirror
/
borg
mirror of https://github.com/borgbackup/borg.git
1
0
Fork 0
Code Issues Releases Wiki Activity

init: note possible denial of service with "none" mode

This commit is contained in:
Marian Beermann 2017-06-17 11:54:06 +02:00
parent a013bd7d75
commit 97089fe141
1 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/borg/archiver.py
View File

@ -2453,12 +2453,14 @@ class Archiver:
| Hash/MAC | Not encrypted | Not encrypted, | Encrypted (AEAD w/ AES) | | Hash/MAC | Not encrypted | Not encrypted, | Encrypted (AEAD w/ AES) |
| | no auth | but authenticated | and authenticated | | | no auth | but authenticated | and authenticated |
+----------+---------------+------------------------+--------------------------+ +----------+---------------+------------------------+--------------------------+
| SHA-256 | none | authenticated | repokey, keyfile | | SHA-256 | none | `authenticated` | repokey, keyfile |
+----------+---------------+------------------------+--------------------------+ +----------+---------------+------------------------+--------------------------+
| BLAKE2b | n/a | authenticated-blake2 | repokey-blake2, | | BLAKE2b | n/a | `authenticated-blake2` | `repokey-blake2`, |
| | | | keyfile-blake2 | | | | | `keyfile-blake2` |
+----------+---------------+------------------------+--------------------------+ +----------+---------------+------------------------+--------------------------+
`Marked modes` are new in Borg 1.1 and are not backwards-compatible with Borg 1.0.x.
On modern Intel/AMD CPUs (except very cheap ones), AES is usually On modern Intel/AMD CPUs (except very cheap ones), AES is usually
hardware-accelerated. hardware-accelerated.
BLAKE2b is faster than SHA256 on Intel/AMD 64-bit CPUs BLAKE2b is faster than SHA256 on Intel/AMD 64-bit CPUs
@ -2491,7 +2493,8 @@ class Archiver:
`none` mode uses no encryption and no authentication. It uses SHA256 as chunk `none` mode uses no encryption and no authentication. It uses SHA256 as chunk
ID hash. Not recommended, rather consider using an authenticated or ID hash. Not recommended, rather consider using an authenticated or
authenticated/encrypted mode. authenticated/encrypted mode. This mode has possible denial-of-service issues
when running ``borg create`` on contents controlled by an attacker.
Use it only for new repositories where no encryption is wanted **and** when compatibility Use it only for new repositories where no encryption is wanted **and** when compatibility
with 1.0.x is important. If compatibility with 1.0.x is not important, use with 1.0.x is important. If compatibility with 1.0.x is not important, use
`authenticated-blake2` or `authenticated` instead. `authenticated-blake2` or `authenticated` instead.