restic

Commit Graph

Author	SHA1	Message	Date
Michael Eischer	1ccab95bc4	b2: Support file hiding instead of deleting them permanently Automatically fall back to hiding files if not authorized to permanently delete files. This allows using restic with an append-only application key with B2. Thus, an attacker cannot directly delete backups with the API key used by restic. To use this feature create an application key without the deleteFiles capability. It is recommended to restrict the key to just one bucket. For example using the b2 command line tool: b2 create-key --bucket <bucketName> <keyName> listBuckets,readFiles,writeFiles,listFiles Suggested-by: Daniel Gröber <dxld@darkboxed.org>	2022-11-05 20:10:45 +01:00

Author

SHA1

Message

Date

Michael Eischer

1ccab95bc4

b2: Support file hiding instead of deleting them permanently

Automatically fall back to hiding files if not authorized to permanently
delete files. This allows using restic with an append-only application
key with B2.  Thus, an attacker cannot directly delete backups with the
API key used by restic.

To use this feature create an application key without the deleteFiles
capability. It is recommended to restrict the key to just one bucket.
For example using the b2 command line tool:

    b2 create-key --bucket <bucketName> <keyName> listBuckets,readFiles,writeFiles,listFiles

Suggested-by: Daniel Gröber <dxld@darkboxed.org>

2022-11-05 20:10:45 +01:00

1 Commits