pgo_lemmy
@pgo_lemmy@feddit.it
This is a remote user, information on this page may be incomplete. View original ↗
- Comment on How do you protect a remote backup from a compromised account? 2 days ago:
If the main site gets compromised the credentials there must be considered lost and known to che attackers.
with a pull backup that’s not an issue because the main site has no access to the remote system; it is a process on the remote site that has credentials to access the main site and not the other way around.
the remote system may receive a compromised copy of the data, but the attacker cannot tamper with previous backups so recovery is still possible.