Another feature (which didn't exist the last time I checked) SHOULD be to have /append only/ accounts.
It should be a /more privileged/ instruction to delete / replace / modify already stored files. This could prevent a backup service on a compromised system from removing remote backups. (Assuming the administrative information was kept secure using other means.)
Ideally I'd like to be able to manually assign privileges to sub-accounts.
* Modify: resume uploads older than 24 hours
* Modify: remove/delete
* Modify: change storage (filestream/parameters/metadata etc).
* Append: create new buckets
* Append: add a new file to a bucket
* Append: add a new /version/ of a file in a bucket.
* Append: add metadata
* Read: all list operations
* Read: all download operations
Note: Since the main way of racking up money on a B2 account is downloads and since compromised clients could be used to engage in a DDoS attack (by compromised legitimate customer accounts) //read// operations are actually more sensitive than might be initially guessed.
A simplified customer UI might bundle those operations together, but some advanced way of providing finely grained privileges should be created.
It should be a /more privileged/ instruction to delete / replace / modify already stored files. This could prevent a backup service on a compromised system from removing remote backups. (Assuming the administrative information was kept secure using other means.)
Ideally I'd like to be able to manually assign privileges to sub-accounts.
Note: Since the main way of racking up money on a B2 account is downloads and since compromised clients could be used to engage in a DDoS attack (by compromised legitimate customer accounts) //read// operations are actually more sensitive than might be initially guessed.A simplified customer UI might bundle those operations together, but some advanced way of providing finely grained privileges should be created.
Edit: Fixing formatting.