Having a server, I want to rclone DB dumps on the Storj bucket.
Configuring rclone on the server in question, with Read, Write access rights on the specified bucket.
What happens if a hacker takes over my server. He will be able to overwrite my backup files, because their names are easily predictable. Ideally there should be access right Create and a separate Write. Thus with Create files once uploaded, can’t be overwritten.
Does that make sense?
Welcome to the forum! I recommend you read the section in our documentation about Access Grant management and how to use caveats with access grants to limit if people who the access has been shared with can download files in an unlimited manner or only certain files for limited time, or no file downloads at all.
on the other hand, it is recommended you protect your Storj DCS account with multifactor authentication and a strong password, to prevent it from getting easily hacked.
It is not obvious from the documentation that you actually need Delete permission in order to overwrite a file. Perhaps you can add a sentence in the Documentation about this, and spare some answering on the forum. For the moment I don’t need TTL, will clear manually when full.
In the objects storage there is no overwrite or modify per-se, you actually will delete an object then upload a new one, but many client programs just hides this under the hood.
I got it, thank you @Alexey . Although I am long time software developer, it is my first time working with Object Stores (no S3 experience), so I was trying to match Object operations onto HTTP method requests.