From: Christian Ebner
To: pbs-devel@lists.proxmox.com
Date: Thu, 31 Oct 2024 16:45:53 +0100
Message-Id: <20241031154554.585068-1-c.ebner@proxmox.com>
Subject: [pbs-devel] [PATCH proxmox-backup 1/2] docs: add security implications of prune and change detection mode

Users should be made aware that the data stored in chunks outlives the backup snapshots on pruning and that backups created using the change-detection-mode set to metadata might reference chunks containing files which have vanished since the previous backup, but might still be accessible when access to the chunks raw data is possible (client or server side).

Signed-off-by: Christian Ebner
--- docs/maintenance.rst | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/docs/maintenance.rst b/docs/maintenance.rst index 4bb135e4e..b6d42ecc2 100644 --- a/docs/maintenance.rst 
+++ b/docs/maintenance.rst @@ -6,8 +6,27 @@ Maintenance Tasks Pruning ------- -Prune lets you specify which backup snapshots you want to keep. -The following retention options are available: +Prune lets you specify which backup snapshots you want to keep, removing others. +For removed backups, only the metadata associating the snapshot with the data +stored in the data chunks is removed, the actual backup data has to be removed +by garbage collection. + +.. Caution:: Take into consideration that sensitive information stored in data + chunks will outlive a pruned snapshot and remain present in the datastore as + long as at least one backup snapshot references this data. + + If no longer referenced, the data remains until removed by the garbage + collection. + + Further, backups created using the `change-detection-mode` set to `metadata` + might reference backup chunks containing files which have vanished since the + previous backup, but might still be accessible when reading the chunks raw + data is possible (client or server side). + + Creating a backup with `change-detection-mode` set to `data` will break this + chain, as files will never reuse chunks partially. + +The following retention options are available for pruning: ``keep-last `` Keep the last ```` backup snapshots. -- 2.39.5
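Review bot: In the added Caution block, `change-detection-mode`, `metadata` and `data` are wrapped in single backticks, which reStructuredText treats as interpreted text with the default role rather than as an inline literal; the unchanged context line right after the hunk uses double backticks (``keep-last``), so these three should be double-backticked to render consistently as literals. Two wording points in the same block: "will break this chain" refers to a chain that the preceding paragraphs never name, so it would read more clearly if the sentence said directly what is no longer referenced (chunks that still hold content of vanished files); and "reading the chunks raw data" needs a possessive ("chunks' raw data"). In the first added paragraph, "is removed, the actual backup data has to be removed" is a comma splice; a semicolon or a sentence break would fix it. Since the caution is about sensitive data outliving a prune, it would also help the reader if the "remains until removed by the garbage collection" sentence pointed at the garbage collection documentation, if this file or another has a section that can be cross-referenced.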