I’m trying to set up ZFS snapshot replication with Sanoid/Syncoid using a pull architecture. Snapshots are pruned from the backup server with Sanoid.
I’m considering a scenario where production is compromised, creating bogus snapshots to trick the backup server into pruning valuable data upon the next pull.
What are the best practices for handling this? I imagine either Sanoid would need to be sufficiently intelligent about what it prunes, beyond snapshot names, or I could have the backup server set holds on snapshots. Am I stuck developing my own service or is this a solved problem?
Thanks!
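One way the "holds on the backup server" idea from the question could look, as an added example that is not part of the original post and not Sanoid's or Syncoid's own code: every snapshot that arrives in a pull gets a `zfs hold` whose tag encodes a release date taken from the backup server's clock, so retention no longer depends on snapshot names or on how many newer snapshots production sends. It assumes the pruning job removes snapshots with a plain `zfs destroy`, which ZFS refuses while a hold exists; the tag prefix `pullkeep-` and the function names are hypothetical.

```shell
#!/bin/sh
# Added sketch: backup-side holds that expire by the backup server's own
# date, so a flood of snapshots from production cannot shorten retention.
# Set ZFS=echo for a dry run. TAG_PREFIX is a hypothetical tag name.
ZFS="${ZFS:-zfs}"
TAG_PREFIX="pullkeep-"
D8='[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]'   # YYYYMMDD pattern

# new_snapshots BEFORE AFTER: print names listed in AFTER but not in BEFORE.
# Each file is `zfs list -H -t snapshot -o name -r <dataset>` output,
# captured on the backup server before and after the pull.
new_snapshots() {
    awk 'FILENAME == ARGV[1] { seen[$0] = 1; next } !($0 in seen)' "$1" "$2"
}

# hold_until EXPIRY: read snapshot names on stdin and hold each one with a
# tag that records the earliest date (YYYYMMDD) the hold may be released.
hold_until() {
    case "$1" in
        $D8) ;;
        *) echo "expiry must be YYYYMMDD" >&2; return 2 ;;
    esac
    while IFS= read -r snap; do
        # Names are passed as quoted arguments, never re-parsed as shell text.
        [ -z "$snap" ] || "$ZFS" hold "${TAG_PREFIX}$1" "$snap" || return 1
    done
    return 0
}

# release_expired TODAY: read `zfs holds -H` lines (name<TAB>tag<TAB>time)
# on stdin and release only this script's holds whose date is before TODAY.
release_expired() {
    tab=$(printf '\t')
    while IFS="$tab" read -r snap tag _when; do
        case "$tag" in
            "$TAG_PREFIX"$D8) expiry="${tag#"$TAG_PREFIX"}" ;;
            *) continue ;;   # holds placed by anything else are left alone
        esac
        [ "$expiry" -lt "$1" ] && "$ZFS" release "$tag" "$snap"
    done
    return 0
}
```

Run `new_snapshots before after | hold_until <date>` right after each pull and `release_expired <today>` before the pruning job; snapshots still under a hold stay on disk until their date passes, whatever the pruning policy decides.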