I've mentioned this at least once before in another post, and either got the feeling nobody else felt like this was an issue or they didn't quite appreciate the implication, so I thought I'd make a specific post about it so you guys can either put my mind at rest or we can conclude this is an issue and look to raise it.
So, in the scenario where somebody has two FreeNAS systems with A replicating to B (let's say every hour for argument's sake): if the administrator of the box accidentally, foolishly, whatever you want to call it, deletes a dataset, then during the next replication window that same dataset is also deleted from system B, meaning that data is lost forever.
Now, the moral of this story is be careful when deleting datasets, but what if someone managed to gain unauthorised access to the system and maliciously started deleting datasets, knowing the impact it would have? Then not only have you lost your primary data but also your backup data.
Personally, I would like some sort of option I could check in replication to say never delete datasets on the replica, and that I will control that myself from the replica systems via a manual process, thus avoiding this potentially catastrophic outcome.
I hope I've explained this well enough and, like I said, would be really interested to hear your viewpoints, as it's something that has played on my mind for a while now.