If a server that gets backed up with borg gets hacked, the attacker potentially could also invoke borg to delete the backups from the (remote) backup. See also these related attic issues: - [Restrict "serve" command to "create" operation only](https://github.com/jborg/attic/issues/162) - [Pull mode](https://github.com/jborg/attic/issues/175) - [Subkeys](https://github.com/jborg/attic/issues/116) --- :moneybag: [there is a bounty for this](https://www.bountysource.com/issues/17055144-the-hacked-server-issue)