Some notes on security models
-----------------------------

(Note that communications between burp clients and servers always use SSL, so
that the network connections are encrypted. The SSL certificates give you some
assurance that you are speaking to the correct peer. The following is mostly
talking about the data that ends up written on disks.)

a) You are a client, and you don't trust the server.
   * You must encrypt your data, using the client-side data encryption option,
     which is 'encryption_password=[password]'. If you lose the password, you
     will not be able to get your data back. Note that path names are not
     encrypted, and turning on client encryption means that you cannot do
     network librsync deltas.
     (If you do not encrypt your data, be aware that it can be read and copied
     by anybody that can read the server filesystem).
   * You must not set the autoupgrade options in the client burp.conf.
   * You must set 'server_can_restore=0' in the client burp.conf to prevent
     server initiated restores.

b) You are a site administrator. You have a burp server and several clients.
   If you don't trust your users, you have the ability to turn off various
   client abilities by editing the server configuration:
	  - client_can_force_backup=0
	  - client_can_list=0
	  - client_can_restore=0
	  - client_can_verify=0
